CVE-2017-8713 — Sensitive Information Exposure in Corporation Windows Hyper-v
Severity
5.3MEDIUMNVD
EPSS
3.2%
top 12.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 13
Latest updateAug 14
Description
The Windows Hyper-V component on Microsoft Windows Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8707, CVE-2017-8711, CVE-2017-8712, and CVE-2017-8706.
CVSS vector
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:NExploitability: 0.8 | Impact: 4.0
Affected Packages11 packages
▶CVEListV5microsoft_corporation/windows_hyper-vMicrosoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016
Patches
🔴Vulnerability Details
5GHSA▶
GHSA-pgrg-8fhr-7vx5: The Windows Hyper-V component on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerabili↗2022-05-17
GHSA▶
GHSA-4j97-wvjp-h3gq: The Windows Hyper-V component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8↗2022-05-17
GHSA▶
GHSA-h3g9-rw58-vgq2: The Windows Hyper-V component on Microsoft Windows 10 1607 and Windows Server 2016 allows an information disclosure vulnerability when it fails to pro↗2022-05-17
GHSA▶
GHSA-jpwm-6fvr-35jv: The Windows Hyper-V component on Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails↗2022-05-17