Security Announcement on CVE-2024-0056

We will update this announcement with new details as they emerge from our analysis. Please check back periodically.

Last update: 18 January 2024, 5:30 PM CET

CVE-2024-0056 is an 8.7 rated vulnerability affecting Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider, third-party components used in our products. It allows attackers to perform a machine-in-the-middle (MITM) attack.

Further official information on this can be found at the National Institute of Standards and Technology.

enaio® (all versions)

It is recommended that all customers using MS SQL Server 2022 and / or ODBC drivers in versions lower than 17, install the security patches specified by Microsoft, which can be found here: MSRC

Navigation

Navigate through the help pages using the table of contents on the left. If it is not displayed when the window width is small, you can temporarily show it via the hamburger menu on the right.

Use the arrows on the toolbar to navigate to the next/previous page.

You can show hidden areas. Use the toolbar to show all hidden areas at once:

Clicking the product icon in the header returns you to the beginning of the current area. Use the toolbar to access the initial page: