CVE-2024-49021
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2024-49021 is a newly disclosed vulnerability affecting Microsoft SQL Server. This issue permits an unauthenticated attacker to execute arbitrary code remotely, posing a significant threat to affected systems. Successful exploitation can result in the installation of malware, unauthorized access, or other malicious activities. The vulnerability stems from a misconfiguration in the SQL Server service, which can be exploited through specially crafted packets. Microsoft has released a patch to address this issue, and it is strongly recommended that all SQL Server instances be updated as soon as possible to mitigate the risks associated with this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft SQL Server
Affected Vendors
- Microsoft