Microsoft ODBC and OLE DB Remote Code Execution Vulnerability
CVE-2023-28304

7.8HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Odbc Driver 17 For Sql Server; Microsoft Ole Db Driver 18 For Sql Server; Microsoft Ole Db Driver 19 For Sql Server; Microsoft Odbc Driver 18 For Sql Server
Vendor: CVE Published:; 11 April 2023

What is CVE-2023-28304?

The vulnerability in Microsoft ODBC and OLE DB products allows for potential remote code execution, enabling attackers to execute arbitrary code on affected systems without user interaction. This vulnerability arises from improper processing of requests, compromising the integrity and security of the affected software. Organizations using Microsoft ODBC or OLE DB components are advised to review their systems and apply recommended mitigations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Microsoft ODBC Driver 17 for SQL Server Unknown 17.0.0.0 < 17.10.3.1

Microsoft ODBC Driver 18 for SQL Server Unknown 18.0.0.0 < 18.2.1.1

Microsoft OLE DB Driver 18 for SQL Server Unknown 18.0.0 < 18.6.5

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 11, 2023
Vulnerability Reserved
Mar 13, 2023

JSON

Microsoft

What is CVE-2023-28304?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.