CVE-2022-29143

Name of the Vulnerable Software and Affected Versions Microsoft SQL Server (affected versions not specified)

Description The issue is related to insufficient input validation in Microsoft SQL Server, allowing a remote attacker to execute arbitrary code by sending a specially crafted SQL query. This can be achieved through API endpoints, although specific endpoints are not mentioned. The username and password variables may be involved in the exploitation process, but this is not explicitly stated. The vulnerability can be exploited by sending a malicious SQL query, potentially allowing an attacker to execute arbitrary code on the affected system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.