The SQL query string is sanitized before being sent to the database, but if an attacker could control the input to the query, it could be used to inject SQL code and execute arbitrary SQL commands.
An attacker could leverage the vulnerability to inject SQL code, modify database records, or execute arbitrary SQL code if they had access to the database. An authenticated user with the 'modify user settings' permission can be exploited to prevent the SQL code injection filter from being applied.
An attacker must convince an authenticated user to allow them to modify the settings for their own account. Once an attacker has the ability to modify settings on another user's account, they may exploit the vulnerability to prevent the SQL code injection filter from being applied.
An attacker must convince an authenticated user to allow them to modify the settings for their own account. Once an attacker has the ability to modify settings on another user's account, they may exploit the vulnerability to prevent the SQL code injection filter from being applied. An attacker could exploit the vulnerability by sending an email to another user that contains an attached malicious Excel spreadsheet or other file.
If an attacker is able to gain access to a user's email account, they can exploit the vulnerability by sending an email to another user that contains an attached malicious Excel spreadsheet or other file.
Products Affected
All versions of Microsoft Excel prior to Microsoft Office 2010
Microsoft Word prior to Microsoft Word 2007
All versions of Microsoft Windows
Any system with SQL Server installed
SQL Injection Severity
Medium - The vulnerability is typically mitigated by the filtering mechanism and would only be exploitable in limited circumstances where an attacker has control over the SQL query string.
High - An attacker who successfully executes arbitrary code on a vulnerable instance will have complete control of the SQL database and can perform any action they wish.
Updates to be aware of
Microsoft has released a patch to address this vulnerability.
Microsoft has released a patch to address this vulnerability. Microsoft will be releasing an update on April 16, 2017, that addresses CVE-2022-43709.
SQL Injection
A SQL injection vulnerability occurs when an attacker is able to send a malicious input to the SQL query string, which could cause code to be executed on the database.
The vulnerability affects all versions of Microsoft SQL Server 2000 and below. Microsoft SQL Server 2008 and higher are not vulnerable to this type of attack.
Timeline
Published on: 11/22/2022 00:15:00 UTC
Last modified on: 11/22/2022 15:12:00 UTC