CVE-2019-1068

Summary

A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'.

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft SQL Server 2014 Service Pack 2 for 32-bit Systems (GDR)unspecifiedaffected
MicrosoftMicrosoft SQL Server2014 Service Pack 2 for 32-bit Systems (CU)affected
MicrosoftMicrosoft SQL Server2014 Service Pack 2 for x64-based Systems (CU)affected
MicrosoftMicrosoft SQL Server2016 for x64-based Systems Service Pack 1 (CU)affected
MicrosoftMicrosoft SQL Server2017 for x64-based Systems (CU)affected
MicrosoftMicrosoft SQL Server2016 for x64-based Systems Service Pack 2 (CU)affected
MicrosoftMicrosoft SQL Server 2014 Service Pack 2 for x64-based Systems (GDR)unspecifiedaffected
MicrosoftMicrosoft SQL Server 2016 for x64-based Systems Service Pack 1 (GDR)unspecifiedaffected
MicrosoftMicrosoft SQL Server 2017 for x64-based Systems (GDR)unspecifiedaffected
MicrosoftMicrosoft SQL Server 2016 for x64-based Systems Service Pack 2 (GDR)unspecifiedaffected
MicrosoftMicrosoft SQL Server 2014 Service Pack 3 for x64-based Systems (GDR)unspecifiedaffected
MicrosoftMicrosoft SQL Server 2014 Service Pack 3 for x64-based Systems (CU)unspecifiedaffected
MicrosoftMicrosoft SQL Server 2014 Service Pack 3 for 32-bit Systems (GDR)unspecifiedaffected
MicrosoftMicrosoft SQL Server 2014 Service Pack 3 for 32-bit Systems (CU)unspecifiedaffected

Weaknesses

  • Remote Code Execution

ADP Enrichment

CVE Program Container

Additional References

References