CVE-2024-43468CISA KEVEPSS p99.0%

CVE-2024-43468Microsoft Configuration Manager SQL Injection Vulnerability

Microsoft / Configuration Manager

Description

Microsoft Configuration Manager contains an SQL injection vulnerability. An unauthenticated attacker could exploit this vulnerability by sending specially crafted requests to the target environment which are processed in an unsafe manner enabling the attacker to execute commands on the server and/or underlying database.

Scoring

EPSS60.66% probability of exploitation · percentile 99.0% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2026-02-12

(incoming)1

TypeTargetConfidenceTier
KEVEntryMicrosoft Configuration Manager SQL Injection Vulnerabilitykev-cve-2024-434680%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-47178
CVE
CVE-2025-59213
CVE
Microsoft Windows Management Console Remote Code Execution Vulnerability
CVE
Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability
CVE
CVE-2025-47954
CVE
CVE-2025-49758
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.