VYPR
High severity8.8NVD Advisory· Published Jul 9, 2024· Updated Jun 17, 2026

CVE-2024-35272

CVE-2024-35272

Description

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

Affected products

14
  • Microsoft/Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Packv5
    Range: 13.0.0
  • Microsoft/Microsoft SQL Server 2016 Service Pack 3 (GDR)v5
    Range: 13.0.0
  • Microsoft/Microsoft SQL Server 2017 (CU 31)v5
    Range: 14.0.0
  • Microsoft/Microsoft SQL Server 2019 for x64-based Systems (CU 27)v5
    Range: 15.0.0
  • Microsoft/Microsoft SQL Server 2019 (GDR)v5
    Range: 15.0.0
  • Microsoft/Microsoft SQL Server 2022 for (CU 13)v5
    Range: 16.0.0
  • Microsoft/Microsoft SQL Server 2022 (GDR)v5
    Range: 16.0.0
  • Microsoft/Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)v5
    Range: 15.9.0
  • Microsoft/Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)v5
    Range: 16.11.0
  • Microsoft/Microsoft Visual Studio 2022 version 17.10v5
    Range: 17.10
  • Microsoft/Microsoft Visual Studio 2022 version 17.11v5
    Range: 17.11
  • Microsoft/Microsoft Visual Studio 2022 version 17.6v5
    Range: 17.6.0
  • Microsoft/Microsoft Visual Studio 2022 version 17.8v5
    Range: 17.8.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.