CVE-2018-8273 - A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code exec

CVE-2018-8273

Summary

A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system, aka "Microsoft SQL Server Remote Code Execution Vulnerability." This affects Microsoft SQL Server.

References

Vulnerable Configurations

cpe:2.3:o:microsoft:sql_server:2016:sp1:*:*:*:*:x64:*
cpe:2.3:o:microsoft:sql_server:2016:sp1:*:*:*:*:x64:*
cpe:2.3:o:microsoft:sql_server:2016:sp2:*:*:*:*:x64:*
cpe:2.3:o:microsoft:sql_server:2016:sp2:*:*:*:*:x64:*
cpe:2.3:o:microsoft:sql_server:2017:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:sql_server:2017:*:*:*:*:*:x64:*

CVSS

Base:	10.0 (as of 13-09-2021 - 11:15)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	104967
confirm	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8273
sectrack	1041467

Last major update

13-09-2021 - 11:15

Published

15-08-2018 - 17:29

Last modified

13-09-2021 - 11:15