CVE Vulnerabilities

CVE-2023-21705

Use of Hard-coded Cryptographic Key

Published: Feb 14, 2023 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Microsoft SQL Server Remote Code Execution Vulnerability

Weakness

The use of a hard-coded cryptographic key significantly increases the possibility that encrypted data may be recovered.

Affected Software

Name Vendor Start Version End Version
Sql_server Microsoft 2012-sp4 (including) 2012-sp4 (including)
Sql_server Microsoft 2014-sp3 (including) 2014-sp3 (including)
Sql_server Microsoft 2016-sp3 (including) 2016-sp3 (including)
Sql_server Microsoft 2017 (including) 2017 (including)
Sql_server Microsoft 2019 (including) 2019 (including)
Sql_server Microsoft 2022 (including) 2022 (including)

Potential Mitigations

References