CVE-2017-0074Improper Input Validation in Corporation Hyper-v

CWE-20Improper Input Validation13 documents3 sources
Severity
5.4MEDIUMNVD
EPSS
0.6%
top 30.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
Microsoft Corporation Hyper-vMicrosoft Corporation Hyper-v Network SwitchMicrosoft Windows 10+9 more
Timeline
PublishedMar 17
Latest updateMay 17

Description

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a denial of service via a crafted application, aka "Hyper-V Denial of Service Vulnerability." This vulnerability is different from those described in CVE-2017-0098, CVE-2017-0076, CVE-2017-0097, and CVE-2017-0099.

CVSS vector

CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:HExploitability: 1.0 | Impact: 4.0

Affected Packages11 packages

NVDmicrosoft/windows_101511, 1607+1

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

6
GHSA
GHSA-39cj-5fqw-pw57: Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 82022-05-17
GHSA
GHSA-54pp-wf6v-hp9x: Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 82022-05-17
GHSA
GHSA-4wwc-whcw-g74j: Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a denial of2022-05-17
GHSA
GHSA-gpcx-wq44-fm7x: Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 82022-05-17
GHSA
GHSA-gvgp-gqjp-fw3q: Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 82022-05-17

📋Vendor Advisories

1
Microsoft
Hyper-V Denial of Service Vulnerability2017-03-14