Sign In

CVE-2024-0056

📊 8.7 HIGH0.4%🎯 0 exploits
📅 Published Jan 9, 2024
📋 Status: Modified

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

🎯 Affected Products & Systems

77 product configurations affected

Filter by type:
📱
Vulnerable
Version: ≥ 2.1 ∧ < 2.1.7
CPE:
cpe:2.3:a:microsoft:microsoft.data.sqlclient:*:*:*:*:*:*:*:*
📱
Vulnerable
Version: ≥ 3.1 ∧ < 3.1.5
CPE:
cpe:2.3:a:microsoft:microsoft.data.sqlclient:*:*:*:*:*:*:*:*
📱
Vulnerable
Version: ≥ 4.0 ∧ < 4.0.5
CPE:
cpe:2.3:a:microsoft:microsoft.data.sqlclient:*:*:*:*:*:*:*:*
📱
Vulnerable
Version: ≥ 5.1 ∧ < 5.1.3
CPE:
cpe:2.3:a:microsoft:microsoft.data.sqlclient:*:*:*:*:*:*:*:*
📱
microsoft / sql server
Application
Vulnerable
Version: 2022
Target HW: x64
CPE:
cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*
📱
microsoft / sql server
Application
Vulnerable
Version: 2022
CPE:
cpe:2.3:a:microsoft:sql_server:2022:cumulative_update_10:*:*:*:*:*:*
📱
Vulnerable
Version: < 4.8.6
CPE:
cpe:2.3:a:microsoft:system.data.sqlclient:*:*:*:*:*:*:*:*
📱
Vulnerable
Version: ≥ 17.2 ∧ < 17.2.23
CPE:
cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
📱
Vulnerable
Version: ≥ 17.4 ∧ < 17.4.15
CPE:
cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
📱
Vulnerable
Version: ≥ 17.6 ∧ < 17.6.11
CPE:
cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
📱
Vulnerable
Version: ≥ 17.8 ∧ < 17.8.4
CPE:
cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
📱
Vulnerable
Version: ≥ 4.8 ∧ < 4.8.04690.02
CPE:
cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*
💻
microsoft / windows 10 1607
Operating System
Safe
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*
💻
microsoft / windows 10 1607
Operating System
Safe
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*
💻
microsoft / windows server 2008
Operating System
Safe
Version: r2
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
💻
microsoft / windows server 2012
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
💻
microsoft / windows server 2012
Operating System
Safe
Version: r2
CPE:
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
💻
microsoft / windows server 2016
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
📱
Vulnerable
Version: ≥ 4.8 ∧ < 4.8.04690.01
CPE:
cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*
💻
microsoft / windows server 2008
Operating System
Safe
Version: r2
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
📱
Vulnerable
Version: 4.6.2
CPE:
cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*
📱
Vulnerable
Version: 4.7
CPE:
cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*
📱
Vulnerable
Version: 4.7.1
CPE:
cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*
📱
Vulnerable
Version: 4.7.2
CPE:
cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*
💻
microsoft / windows server 2008
Operating System
Safe
Version: r2
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
💻
microsoft / windows server 2012
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
💻
microsoft / windows server 2012
Operating System
Safe
Version: r2
CPE:
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
📱
Vulnerable
Version: 3.5
CPE:
cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
📱
Vulnerable
Version: 4.8.1
CPE:
cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*
💻
microsoft / windows 10 1809
Operating System
Safe
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*
💻
microsoft / windows 10 1809
Operating System
Safe
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*
💻
microsoft / windows 10 21h2
Operating System
Safe
Version: All versions
Target HW: arm64
CPE:
cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*
💻
microsoft / windows 10 21h2
Operating System
Safe
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*
💻
microsoft / windows 10 21h2
Operating System
Safe
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*
💻
microsoft / windows 10 22h2
Operating System
Safe
Version: All versions
Target HW: arm64
CPE:
cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*
💻
microsoft / windows 10 22h2
Operating System
Safe
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*
💻
microsoft / windows 10 22h2
Operating System
Safe
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*
💻
microsoft / windows 11 21h2
Operating System
Safe
Version: All versions
Target HW: arm64
CPE:
cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*
💻
microsoft / windows 11 21h2
Operating System
Safe
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*
💻
microsoft / windows 11 22h2
Operating System
Safe
Version: All versions
Target HW: arm64
CPE:
cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:arm64:*
💻
microsoft / windows 11 22h2
Operating System
Safe
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*
💻
microsoft / windows 11 23h2
Operating System
Safe
Version: All versions
Target HW: arm64
CPE:
cpe:2.3:o:microsoft:windows_11_23h2:-:*:*:*:*:*:arm64:*
💻
microsoft / windows 11 23h2
Operating System
Safe
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_11_23h2:-:*:*:*:*:*:x64:*
💻
microsoft / windows server 2019
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
💻
microsoft / windows server 2022
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*
💻
Safe
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2022_23h2:-:*:*:*:*:*:*:*
📱
Vulnerable
Version: ≥ 4.8 ∧ < 4.8.04690.02
CPE:
cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:*
📱
Vulnerable
Version: 3.5
CPE:
cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
💻
microsoft / windows 10 1809
Operating System
Safe
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*
💻
microsoft / windows 10 1809
Operating System
Safe
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*
💻
microsoft / windows 10 21h2
Operating System
Safe
Version: All versions
Target HW: arm64
CPE:
cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*
💻
microsoft / windows 10 21h2
Operating System
Safe
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*
💻
microsoft / windows 10 21h2
Operating System
Safe
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*
💻
microsoft / windows 10 22h2
Operating System
Safe
Version: All versions
Target HW: arm64
CPE:
cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*
💻
microsoft / windows 10 22h2
Operating System
Safe
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*
💻
microsoft / windows 10 22h2
Operating System
Safe
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*
💻
microsoft / windows 11 21h2
Operating System
Safe
Version: All versions
Target HW: arm64
CPE:
cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*
💻
microsoft / windows 11 21h2
Operating System
Safe
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*
💻
microsoft / windows 11 22h2
Operating System
Safe
Version: All versions
Target HW: arm64
CPE:
cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:arm64:*
💻
microsoft / windows 11 22h2
Operating System
Safe
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*
💻
microsoft / windows server 2019
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
💻
microsoft / windows server 2022
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*
💻
Safe
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2022_23h2:-:*:*:*:*:*:*:*
📱
Vulnerable
Version: 3.5
CPE:
cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*
📱
Vulnerable
Version: 4.7.2
CPE:
cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*
💻
microsoft / windows 10 1607
Operating System
Safe
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*
💻
microsoft / windows 10 1607
Operating System
Safe
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*
💻
microsoft / windows 10 1809
Operating System
Safe
Version: All versions
Target HW: arm64
CPE:
cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:arm64:*
💻
microsoft / windows 10 1809
Operating System
Safe
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*
💻
microsoft / windows 10 1809
Operating System
Safe
Version: All versions
Target HW: x86
CPE:
cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*
💻
microsoft / windows server 2016
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
💻
microsoft / windows server 2019
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
📱
Vulnerable
Version: 2.0
CPE:
cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*
💻
microsoft / windows server 2008
Operating System
Safe
Version: All versions
Target HW: x64
CPE:
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*
📱
microsoft / .net
Application
Vulnerable
Version: ≥ 6.0.0 ∧ < 6.0.26
CPE:
cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*
📱
microsoft / .net
Application
Vulnerable
Version: ≥ 7.0.0 ∧ < 7.0.15
CPE:
cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*
📱
microsoft / .net
Application
Vulnerable
Version: 8.0.0
CPE:
cpe:2.3:a:microsoft:.net:8.0.0:-:*:*:*:*:*:*
77 productsscroll for more
Metrics
8.7 HIGHCVSS v3.1[email protected]
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
Attack Vector:
NETWORK
Complexity:
HIGH
Privileges:
NONE
User Interaction:
NONE
Confidentiality:
HIGH
Integrity:
HIGH
Availability:
NONE
Scope:
CHANGED

🔍 Technical Details

Analysis Status
Modified
CVSS Details
8.7 (HIGH)v3.1
Source: [email protected]
EPSS Details
0.4% (Minimal)57.6th percentile
Last updated: Nov 1, 2025
Exploitation probability within 30 days
Published Date
Jan 9, 2024 (1 year ago)
Last Modified
Nov 21, 2024 (11 months ago)
Security Weaknesses2
References2