CVE-2024-21440

ANC

High

Microsoft ODBC Driver Remote Code Execution Vulnerability

CVSS

8.8

High

EPSS

0.01

p80

Published

2024-01-01

Updated

2024-01-01

Description

Microsoft ODBC Driver Remote Code Execution Vulnerability

Tags · CWE

Pre-auth

CWE-197

Affected products

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Timeline

2024-01-01

Published

2024-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: N

None (N)

User Interaction

UI: R

Required (R)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: H

High (H)

Integrity Impact

I: H

High (H)

Availability Impact

A: H

High (H)

Exploit indicators

EPSS

0.014 · p80

Known exploited (KEV)

Known exploits — Сканер-ВС

No Сканер-ВС checks registered for this vulnerability yet.

Affected software

Product	Vendor	Status
		Tracked
		Tracked
		Tracked
		Tracked
		Tracked
		Tracked
		Tracked
		Tracked
		Tracked
		Tracked
		Tracked
		Tracked
		Tracked
		Tracked
		Tracked
		Tracked
		Tracked
		Tracked
		Tracked
		Tracked

Source databases

ANC

MSR

CVE

Related vulnerabilities

BDU:2024-02124