NVD - CVE-2024-21303

Vulnerability Change Records for CVE-2024-21303

Change History

Initial Analysis by NIST 9/10/2024 1:49:31 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		OR cpe:2.3:a:microsoft:sql_server_2016:::::::x64: versions from (including) 13.0.0.0 up to (including) 13.0.6441.1 cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:sp1::::::* cpe:2.3:a:microsoft:sql_server_2016:13.0.6441.1:sp2::::::* cpe:2.3:a:microsoft:sql_server_2016:::::::x64: versions from (including) 13.0.6441.2 up to (including) 13.0.7037.1 cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:sp1::::::* cpe:2.3:a:microsoft:sql_server_2016:13.0.7037.1:sp2::::::* cpe:2.3:a:microsoft:sql_server_2017:::::::x64: versions from (including) 14.0.0.0 up to (excluding) 14.0.2056.2 cpe:2.3:a:microsoft:sql_server_2017:::::::x64: versions from (including) 14.0.2056.3 up to (excluding) 14.0.3471.2 cpe:2.3:a:microsoft:sql_server_2019:::::::x64: versions from (including) 15.0.0.0 up to (excluding) 15.0.2116.2 cpe:2.3:a:microsoft:sql_server_2019:::::::x64: versions from (including) 15.0.2116.3 up to (excluding) 15.0.4382.1 cpe:2.3:a:microsoft:sql_server_2022:::::::x64: versions from (including) 16.0.0.0 up to (excluding) 16.0.1121.4 cpe:2.3:a:microsoft:sql_server_2022:::::::x64: versions from (including) 16.0.1121.5 up to (excluding) 16.0.4131.2
Added	CVSS V3.1		NIST AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Added	CWE		NIST NVD-CWE-noinfo
Changed	Reference Type	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21303 No Types Assigned	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21303 Patch, Vendor Advisory