CVE-2017-0164

4.4MEDIUM

Key Information:

Vendor: Microsoft
Status: Active Directory
Vendor: CVE Published:; 12 April 2017

Summary

A denial of service vulnerability exists in Windows 10 1607 and Windows Server 2016 Active Directory when an authenticated attacker sends malicious search queries, aka "Active Directory Denial of Service Vulnerability."

Affected Version(s)

Active Directory Windows 10 1607 and Windows Server 2016

References

http://www.securityfocus.com/bid/97448

vdb-entryx_refsource_BID

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1038235

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 12, 2017
Vulnerability Reserved
Sep 9, 2016

Collectors

NVD DatabaseMitre Database