CVE-2017-0169

Опубликовано: 12 апр. 2017

Источник: nvd

CVSS3: 5.4

CVSS2: 5.2

EPSS Низкий

Описание

An information disclosure vulnerability exists when Windows Hyper-V running on a Windows 8.1, Windows Server 2012. or Windows Server 2012 R2 host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This CVE ID is unique from CVE-2017-0168.

Ссылки

http://www.securityfocus.com/bid/97459
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038232
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0169
Mitigation
Patch
Vendor Advisory
http://www.securityfocus.com/bid/97459
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038232
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0169
Mitigation
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

EPSS

Процентиль: 63%

0.0045

Низкий

5.4 Medium

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2017-0169

CVSS3: 7.3

msrc

около 8 лет назад

Windows Hyper-V Information Disclosure Vulnerability

GHSA-h4mh-8q48-6cpr