Denial of Service Vulnerability in Microsoft Hyper-V Products
CVE-2017-0074

5.4MEDIUM

Key Information:

Vendor
Microsoft
Status
Hyper-v In Microsoft Windows Vista Sp2; Windows Server 2008 Sp2 And 2008 R2; Windows 7 Sp1; Windows 8.1; Windows Server 2012 And R2; Windows 10, 1511, And 1607; And Windows Server 2016.
Vendor
CVE Published:
17 March 2017

Summary

A vulnerability in Microsoft Hyper-V allows malicious guest operating system users to exploit designed applications to trigger a denial of service condition. This can lead to unexpected application behavior, affecting the availability of virtual machines running on the impacted Windows versions. Microsoft has issued guidance to mitigate risks associated with this vulnerability.

Affected Version(s)

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016. Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016.

References

http://www.securityfocus.com/bid/96641
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1037999
vdb-entryx_refsource_SECTRACK
https://portal.msrc.microsoft.com/en-US/security-guidance...
x_refsource_CONFIRM

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.