CVE-2017-8714

Опубликовано: 13 сент. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 6.9

EPSS Низкий

Описание

The Windows Hyper-V component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2,, Windows 10 1607, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Remote Desktop Virtual Host Remote Code Execution Vulnerability".

Ссылки

http://www.securityfocus.com/bid/100797
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039341
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8714
Patch
Vendor Advisory
http://www.securityfocus.com/bid/100797
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039341
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8714
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01056

Низкий

7.8 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2017-8714

CVSS3: 7.8

msrc

почти 8 лет назад

Remote Desktop Virtual Host Remote Code Execution Vulnerability

GHSA-24xv-qrr3-8vjf

CVSS3: 7.8

github

около 3 лет назад

EPSS

Процентиль: 77%

0.01056

Низкий

7.8 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-20