Denial of Service Vulnerability in Microsoft Hyper-V Network Switch
CVE-2017-0186

5.8MEDIUM

Key Information:

Vendor: Microsoft
Status: Hyper-v
Vendor: CVE Published:; 12 April 2017

What is CVE-2017-0186?

A gap in input validation within the Microsoft Hyper-V Network Switch allows a malicious privileged user on a guest operating system to execute denial of service attacks. This arises from improper handling of input, resulting in potential system instability or outages. Affected systems include various Windows versions, making it crucial for administrators to apply recommended security updates and mitigations to safeguard their environments from related threats.

Affected Version(s)

Hyper-V Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016

References

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/97438

vdb-entryx_refsource_BID

CVSS V3.1

Score:

5.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 12, 2017
Vulnerability Reserved
Sep 9, 2016