Denial of Service Vulnerability in Microsoft Hyper-V Network Switch on Windows Server and Windows 10
CVE-2018-0885

5.8MEDIUM

Key Information:

Vendor
Microsoft
Status
Microsoft Hyper-v Network Switch
Vendor
CVE Published:
14 March 2018

Summary

A denial of service vulnerability exists in the Microsoft Hyper-V Network Switch, where improper validation of input from a privileged user on a guest operating system can be exploited. This may allow an attacker to cause the switch to become unresponsive, impacting the availability of network services for all connected virtual machines. The affected systems include several versions of Microsoft Windows Server and Windows 10, emphasizing the importance of applying security patches timely to mitigate this risk.

Affected Version(s)

Microsoft Hyper-V Network Switch 64-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709

References

https://portal.msrc.microsoft.com/en-US/security-guidance...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1040518
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/103261
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.