CVE-2017-0168

Опубликовано: 12 апр. 2017

Источник: nvd

CVSS3: 5.8

CVSS2: 6.3

EPSS Низкий

Описание

An information disclosure vulnerability exists when the Windows Hyper-V Network Switch running on a Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This CVE ID is unique from CVE-2017-0169.

Ссылки

http://www.securityfocus.com/bid/97418
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038232
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0168
Mitigation
Patch
Vendor Advisory
http://www.securityfocus.com/bid/97418
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038232
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0168
Mitigation
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00992

Низкий

5.8 Medium

CVSS3

6.3 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2017-0168

CVSS3: 7.7

msrc

около 8 лет назад

Hyper-V Information Disclosure Vulnerability

GHSA-cvq4-rrgx-4c7h