CVE-2017-0178
published 2017-04-12CVE-2017-0178: A denial of service vulnerability exists when Microsoft Hyper-V running on Windows 10, Windows 10 1511, Windows 10 1607, Windows 8.1, Windows Server 2012 R2…
PriorityP421medium5.4CVSS 3.0
AVAACHPRHUINSCCNINAH
EPSS
1.63%
73.3th percentile
A denial of service vulnerability exists when Microsoft Hyper-V running on Windows 10, Windows 10 1511, Windows 10 1607, Windows 8.1, Windows Server 2012 R2, and Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0179, CVE-2017-0182, CVE-2017-0183, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2012 | — | — |
| microsoft_corporation | hyper-v | — | — |
| msrc | windows_10_for_x64-based_systems | — | — |
| msrc | windows_10_version_1511_for_x64-based_systems | — | — |
| msrc | windows_10_version_1607_for_x64-based_systems | — | — |
| msrc | windows_8.1_for_x64-based_systems | — | — |
| msrc | windows_server_2012_r2 | — | — |
| msrc | windows_server_2016 | — | — |
CVSS provenance
nvdv3.05.4MEDIUMCVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
nvdv2.05.2MEDIUMAV:A/AC:M/Au:S/C:N/I:N/A:C
vendor_msrc5.4MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-pg3w-h29g-j5vv: A denial of service vulnerability exists when Microsoft Hyper-V running on Windows 10, Windows 10 1511, Windows 10 1607, Windows 8
ghsa_unreviewed·2022-05-17·CVSS 5.8
CVE-2017-0178 [MEDIUM] CWE-20 GHSA-pg3w-h29g-j5vv: A denial of service vulnerability exists when Microsoft Hyper-V running on Windows 10, Windows 10 1511, Windows 10 1607, Windows 8
A denial of service vulnerability exists when Microsoft Hyper-V running on Windows 10, Windows 10 1511, Windows 10 1607, Windows 8.1, Windows Server 2012 R2, and Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0179, CVE-2017-0182, CVE-2017-0183, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186.
GHSA
GHSA-584v-594r-2crm: A denial of service vulnerability exists when Microsoft Hyper-V running on a Windows 10, Windows 8
ghsa_unreviewed·2022-05-17·CVSS 5.4
CVE-2017-0179 [MEDIUM] CWE-20 GHSA-584v-594r-2crm: A denial of service vulnerability exists when Microsoft Hyper-V running on a Windows 10, Windows 8
A denial of service vulnerability exists when Microsoft Hyper-V running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0182, CVE-2017-0183, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186.
GHSA
GHSA-2hjc-v6h4-434p: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8
ghsa_unreviewed·2022-05-17·CVSS 5.4
CVE-2017-0183 [MEDIUM] CWE-20 GHSA-2hjc-v6h4-434p: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186.
GHSA
GHSA-4849-x279-v4q2: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8
ghsa_unreviewed·2022-05-17·CVSS 5.4
CVE-2017-0185 [MEDIUM] CWE-20 GHSA-4849-x279-v4q2: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0183, CVE-2017-0184, and CVE-2017-0186.
GHSA
GHSA-283j-fp4h-g37g: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8
ghsa_unreviewed·2022-05-17·CVSS 5.4
CVE-2017-0182 [MEDIUM] CWE-20 GHSA-283j-fp4h-g37g: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0183, CVE-2017-0184, CVE-2017-0185, and CVE-2017-0186.
GHSA
GHSA-6247-wcj8-m58c: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8
ghsa_unreviewed·2022-05-17·CVSS 5.4
CVE-2017-0186 [MEDIUM] CWE-20 GHSA-6247-wcj8-m58c: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0183, CVE-2017-0184, and CVE-2017-0185.
GHSA
GHSA-7mw5-q8h8-w65c: A denial of service vulnerability exists when Microsoft Hyper-V running on a host server fails to properly validate input from a privileged user on a
ghsa_unreviewed·2022-05-17·CVSS 5.4
CVE-2017-0184 [MEDIUM] CWE-20 GHSA-7mw5-q8h8-w65c: A denial of service vulnerability exists when Microsoft Hyper-V running on a host server fails to properly validate input from a privileged user on a
A denial of service vulnerability exists when Microsoft Hyper-V running on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-2017-0183, CVE-2017-0185, and CVE-2017-0186.
Microsoft
Windows Hyper-V Denial of Service Vulnerability
vendor_msrc·2017-04-11·CVSS 5.4
CVE-2017-0178 [MEDIUM] Windows Hyper-V Denial of Service Vulnerability
Windows Hyper-V Denial of Service Vulnerability
Description: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash.
To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.
The security update addresses the vulnerability by resolving a number of conditions where Hyper-V would fail to prevent a guest operating system from sending malicious reques
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2017-04-12
Published