CVE-2019-1309 — Improper Input Validation in Microsoft Windows
Severity
6.8MEDIUMNVD
NVD6.2
EPSS
0.9%
top 23.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 12
Latest updateMay 24
Description
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0712, CVE-2019-1310, CVE-2019-1399.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:HExploitability: 2.3 | Impact: 4.0
Affected Packages5 packages
Patches
🔴Vulnerability Details
8GHSA▶
GHSA-73hp-87pm-246v: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged use↗2022-05-24
GHSA▶
GHSA-j8v8-39p3-x83f: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest op↗2022-05-24
GHSA▶
GHSA-jvxc-cf42-9cxc: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged use↗2022-05-24
GHSA▶
GHSA-rjvq-8jhg-x247: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged use↗2022-05-24
CVEList▶
CVE-2019-1399: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest op↗2019-11-12