Denial of Service Vulnerability in Microsoft Hyper-V Network Switch
CVE-2017-0185

5.8MEDIUM

Key Information:

Vendor
Microsoft
Status
Hyper-v
Vendor
CVE Published:
12 April 2017

Summary

A denial of service vulnerability has been identified in Microsoft Hyper-V Network Switch. This vulnerability occurs when the Hyper-V host fails to properly validate input from a privileged user operating within a guest environment. Attackers exploiting this flaw can disrupt service, impacting the availability of services hosted on affected Windows platforms. This vulnerability affects multiple versions of Windows operating systems, including Windows 10, Windows 8.1, Windows Server 2012, 2012 R2, and 2016, thus posing significant risks to enterprises relying on Hyper-V for virtualization.

Affected Version(s)

Hyper-V Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016

References

http://www.securitytracker.com/id/1038230
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/97437
vdb-entryx_refsource_BID
https://portal.msrc.microsoft.com/en-US/security-guidance...
x_refsource_CONFIRM

CVSS V3.1

Score:
5.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.