cbcvebase.
CVE-2017-0074
published 2017-03-17

CVE-2017-0074: Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and…

PriorityP420medium5.4CVSS 3.0
AVAACHPRHUINSCCNINAH
EPSS
1.38%
68.7th percentile
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a denial of service via a crafted application, aka "Hyper-V Denial of Service Vulnerability." This vulnerability is different from those described in CVE-2017-0098, CVE-2017-0076, CVE-2017-0097, and CVE-2017-0099.

Affected

13 ranges
VendorProductVersion rangeFixed in
microsoftwindows_10
microsoftwindows_10
microsoftwindows_server_2008
microsoftwindows_server_2012
microsoft_corporationhyper-v
microsoft_corporationhyper-v_network_switch
msrcwindows_10_for_x64-based_systems
msrcwindows_10_version_1511_for_x64-based_systems
msrcwindows_10_version_1607_for_x64-based_systems
msrcwindows_8.1_for_x64-based_systems
msrcwindows_server_2012
msrcwindows_server_2012_r2
msrcwindows_server_2016

CVSS provenance

nvdv3.05.4MEDIUMCVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
nvdv2.02.3LOWAV:A/AC:M/Au:S/C:N/I:N/A:P
vendor_msrc5.4MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.