Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2021-1636
PUBLISHED
More InfoOfficial Page
Assigner-microsoft
Assigner Org ID-f38d906d-7342-40ea-92c1-6c4a2c6478c8
View Known Exploited Vulnerability (KEV) details
Published At-12 Jan, 2021 | 19:41
Updated At-08 Oct, 2024 | 16:17
Rejected At-
▼CVE Numbering Authority (CNA)
Microsoft SQL Elevation of Privilege Vulnerability

Microsoft SQL Elevation of Privilege Vulnerability

Affected Products
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft SQL Server 2012 Service Pack 4 (QFE)
CPEs
  • cpe:2.3:a:microsoft:sql_server:2012:sp4:*:*:*:*:*:*
Platforms
  • 32-bit Systems
Versions
Affected
  • From 11.0.0 before publication (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft SQL Server 2012 for x64-based Systems Service Pack 4 (QFE)
CPEs
  • cpe:2.3:a:microsoft:sql_server:2012:sp4:*:*:*:*:*:*
Platforms
  • x64-based Systems
Versions
Affected
  • From 11.0.0 before publication (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft SQL Server 2017 (GDR)
CPEs
  • cpe:2.3:a:microsoft:sql_server:2017:-:*:*:*:*:x64:*
Platforms
  • x64-based Systems
Versions
Affected
  • From 14.0.0 before publication (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft SQL Server 2014 Service Pack 3 (GDR)
CPEs
  • cpe:2.3:a:microsoft:sql_server:2014:sp3:*:*:*:*:x64:*
  • cpe:2.3:a:microsoft:sql_server:2014:sp3:*:*:*:*:x86:*
Platforms
  • x64-based Systems
  • 32-bit Systems
Versions
Affected
  • From 12.0.0 before publication (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft SQL Server 2016 for x64-based Systems Service Pack 2 (GDR)
CPEs
  • cpe:2.3:a:microsoft:sql_server:2016:sp2:*:*:*:*:x64:*
Platforms
  • Unknown
Versions
Affected
  • From 13.0.0 before publication (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft SQL Server 2014 Service Pack 3 (CU 4)
CPEs
  • cpe:2.3:a:microsoft:sql_server:2014:sp3:*:*:*:*:x86:*
  • cpe:2.3:a:microsoft:sql_server:2014:sp3:*:*:*:*:x64:*
Platforms
  • 32-bit Systems
  • x64-based Systems
Versions
Affected
  • From 12.0.0 before publication (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft SQL Server 2017 (CU 22)
CPEs
  • cpe:2.3:a:microsoft:sql_server:2017:-:*:*:*:*:x64:*
Platforms
  • x64-based Systems
Versions
Affected
  • From 14.0.0 before publication (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft SQL Server 2016 Service Pack 2 (CU 15)
CPEs
  • cpe:2.3:a:microsoft:sql_server:2016:sp2:*:*:*:*:x64:*
Platforms
  • x64-based Systems
Versions
Affected
  • From 13.0.0 before publication (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft SQL Server 2019 (CU 8)
CPEs
  • cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*
Platforms
  • x64-based Systems
Versions
Affected
  • From 16.0.0 before publication (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Microsoft SQL Server 2019 (GDR)
CPEs
  • cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*
Platforms
  • x64-based Systems
Versions
Affected
  • From 15.0.0 before publication (custom)
Problem Types
TypeCWE IDDescription
ImpactN/AElevation of Privilege
Type: Impact
CWE ID: N/A
Description: Elevation of Privilege
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1636
vendor-advisory
Hyperlink: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1636
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1636
x_refsource_MISC
x_transferred
Hyperlink: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1636
Resource:
x_refsource_MISC
x_transferred
Details not found