Information Disclosure Vulnerability in Microsoft Windows Hyper-V Component
CVE-2017-8712

5.3MEDIUM

Key Information:

Vendor
Microsoft
Status
Windows Hyper-v
Vendor
CVE Published:
13 September 2017

Summary

The Windows Hyper-V component in specific versions of Microsoft Windows exposes an information disclosure vulnerability due to improper input validation from authenticated users operating within a guest OS environment. This oversight may allow an attacker to gain access to sensitive information. Ensuring the latest security updates and patches are applied is essential to mitigate potential risks associated with this vulnerability.

Affected Version(s)

Windows Hyper-V Microsoft Windows 10 1607, 1703, and Windows Server 2016

References

http://www.securityfocus.com/bid/100795
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1039317
vdb-entryx_refsource_SECTRACK
https://portal.msrc.microsoft.com/en-US/security-guidance...
x_refsource_CONFIRM

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.