CVE-2017-8515 — Corporation Microsoft Windows vulnerability

4 documents4 sources

Severity

5.5MEDIUMNVD

EPSS

0.4%

top 40.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Corporation Microsoft Windows Microsoft Windows 10 Msrc Windows 10 Version 1511 FOR 32-bit Systems +6 more

Timeline

PublishedJun 15

Latest updateMay 13

Description

Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an unauthenticated attacker to send a specially crafted kernel mode request to cause a denial of service on the target system, aka "Windows VAD Cloning Denial of Service Vulnerability".

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages9 packages

▶msrcmsrc/windows_server_2016

▶msrcmsrc/windows_10_version_1511_for_32-bit_systems

▶msrcmsrc/windows_10_version_1607_for_32-bit_systems

▶msrcmsrc/windows_10_version_1703_for_32-bit_systems

▶msrcmsrc/windows_10_version_1511_for_x64-based_systems

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-6p63-9ccx-hw3f: Microsoft Windows 10 1511, 1607, and 1703, and Windows Server 2016 allow an unauthenticated attacker to send a specially crafted kernel mode request t↗2022-05-13

▶

📋Vendor Advisories

Microsoft

Windows VAD Cloning Denial of Service Vulnerability↗2017-06-13

▶

🕵️Threat Intelligence

Talos

Microsoft Patch Tuesday - June 2017↗2017-06-13

▶