CVE-2017-0216

Опубликовано: 15 июн. 2017

Источник: nvd

CVSS3: 5.3

CVSS2: 4.6

EPSS Низкий

Описание

Microsoft Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0173, CVE-2017-0215, CVE-2017-0218, and CVE-2017-0219.

Ссылки

http://www.securityfocus.com/bid/98896
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0216
Mitigation
Patch
Vendor Advisory
http://www.securityfocus.com/bid/98896
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0216
Mitigation
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00581

Низкий

5.3 Medium

CVSS3

4.6 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2017-0216

CVSS3: 5.3

msrc

около 8 лет назад

Device Guard Code Integrity Policy Security Feature Bypass Vulnerability

GHSA-3p2f-6gxq-2j9p

CVSS3: 5.3

github

около 3 лет назад

EPSS

Процентиль: 68%

0.00581

Низкий

5.3 Medium

CVSS3

4.6 Medium

CVSS2

Дефекты

NVD-CWE-noinfo