First published: Tue Oct 10 2023(Updated: )
Microsoft SQL Server Denial of Service Vulnerability
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft OLE DB Driver 18 for SQL Server | ||
Microsoft OLE DB Driver 19 for SQL Server | ||
Microsoft ODBC Driver 18 for SQL Server | ||
Microsoft ODBC Driver 17 for SQL Server | ||
Microsoft ODBC Driver 17 for SQL Server | ||
Microsoft ODBC Driver 18 for SQL Server | ||
Microsoft ODBC Driver 18 for SQL Server | ||
Microsoft ODBC Driver 17 for SQL Server | ||
Microsoft SQL Server 2017 | ||
Microsoft SQL Server 2022 | ||
Microsoft SQL Server 2016 Azure Connect Feature Pack | ||
Microsoft SQL Server 2019 | ||
Microsoft SQL Server | ||
Microsoft SQL Server 2014 | ||
Microsoft SQL Server 2014 | ||
Microsoft ODBC Driver 13 for SQL Server | >=17.0<17.10.5.1 | |
Microsoft ODBC Driver 13 for SQL Server | >=17.0<17.10.5.1 | |
Microsoft ODBC Driver 13 for SQL Server | >=17.0<17.10.5.1 | |
Microsoft ODBC Driver 13 for SQL Server | >=18.0<18.3.2.1 | |
Microsoft ODBC Driver 13 for SQL Server | >=18.0<18.3.2.1 | |
Microsoft ODBC Driver 13 for SQL Server | >=18.0<18.3.2.1 | |
Microsoft OLE DB Driver 18 for SQL Server | >=18.0<19.3.0002.0 | |
Microsoft SQL Server | =2014-sp3 | |
Microsoft SQL Server | =2016-sp3 | |
Microsoft SQL Server | =2017 | |
Microsoft SQL Server | =2019 | |
Microsoft SQL Server | =2022 | |
Microsoft OLE DB Driver 18 for SQL Server | >=18.0<18.6.0007.0 | |
Microsoft OLE DB Driver 18 for SQL Server | >=19.0<19.3.0002.0 | |
Microsoft SQL Server | ||
Microsoft VSS Writer for SQL Server 2014 | ||
Microsoft VSS Writer for SQL Server 2014 | ||
Microsoft SQL Server LocalDB 2016 | ||
Microsoft VSS Writer for SQL Server 2019 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-36728 is a Denial of Service vulnerability in Microsoft SQL Server.
CVE-2023-36728 has a severity level of 5.5 (high).
Microsoft SQL Server 2017 (CU 31), SQL Server 2022 (CU 8), SQL Server 2017, SQL Server 2014, SQL Server 2019, SQL Server 2016, and SQL Server 2014 (CU 4) are affected.
To fix CVE-2023-36728 in Microsoft SQL Server 2017 (CU 31), apply the patch available at https://www.microsoft.com/download/details.aspx?familyid=aa8cdbcf-6dec-4876-864c-55193525d190.
To fix CVE-2023-36728 in SQL Server 2022 (CU 8), apply the patch available at https://www.microsoft.com/download/details.aspx?familyid=133ae486-39ae-43a4-a2b8-248af9727190.