Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMicrosoftCVE-2017-0181
HistoryApr 12, 2017 - 2:59 p.m.

CVE-2017-0181

2017-04-1214:59:00
CWE-20
microsoft
web.nvd.nist.gov
58
4
windows
hyper-v
network switch
remote code execution
vulnerability
cve-2017-0181
nvd

CVSS2

7.4

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:S/C:C/I:C/A:C

CVSS3

7.6

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0.008

Percentile

82.0%

JSON

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10 or Windows Server 2016 host server fails to properly validate input from an authenticated user on a guest operating system, aka “Hyper-V Remote Code Execution Vulnerability.” This CVE ID is unique from CVE-2017-0162, CVE-2017-0163, and CVE-2017-0180.

Affected configurations

Nvd
Vulners
Node
microsoftwindows_10
OR
microsoftwindows_10Match1511
OR
microsoftwindows_10Match1607
OR
microsoftwindows_10Match1703
OR
microsoftwindows_8.1
OR
microsoftwindows_server_2008sp2
OR
microsoftwindows_server_2008Matchr2sp1
OR
microsoftwindows_server_2012
OR
microsoftwindows_server_2012Matchr2
OR
microsoftwindows_server_2016
VendorProductVersionCPE
microsoftwindows_10*cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*
microsoftwindows_101511cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
microsoftwindows_101607cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
microsoftwindows_101703cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
microsoftwindows_8.1*cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*
microsoftwindows_server_2008*cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
microsoftwindows_server_2008r2cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
microsoftwindows_server_2012*cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
microsoftwindows_server_2012r2cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
microsoftwindows_server_2016*cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Windows Hyper-V",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Windows 10 and Windows Server 2016"
      }
    ]
  }
]

Social References

More

Related

prion 4
cve 3
nvd 4
cvelist 4
mscve 4
symantec 4
nessus 8
mskb 11
openvas 8
kaspersky 2
qualysblog 1
threatpost 1
prion
prion
Remote code execution
2017-04-12 14:59:00
Remote code execution
2017-04-12 14:59:00
Remote code execution
2017-04-12 14:59:00
cve
cve
CVE-2017-0180
2017-04-12 14:59:00
CVE-2017-0163
2017-04-12 14:59:00
CVE-2017-0162
2017-04-12 14:59:00
nvd
nvd
CVE-2017-0180
2017-04-12 14:59:00
CVE-2017-0163
2017-04-12 14:59:00
CVE-2017-0162
2017-04-12 14:59:00
cvelist
cvelist
CVE-2017-0163
2017-04-12 14:00:00
CVE-2017-0180
2017-04-12 14:00:00
CVE-2017-0181
2017-04-12 14:00:00
mscve
mscve
Hyper-V Remote Code Execution Vulnerability
2017-04-11 07:00:00
Hyper-V Remote Code Execution Vulnerability
2017-04-11 07:00:00
Hyper-V Remote Code Execution Vulnerability
2017-04-11 07:00:00
symantec
symantec
Microsoft Windows Hyper-V CVE-2017-0181 Remote Code Execution Vulnerability
2017-04-11 00:00:00
Microsoft Windows Hyper-V CVE-2017-0180 Remote Code Execution Vulnerability
2017-04-11 00:00:00
Microsoft Windows Hyper-V CVE-2017-0163 Remote Code Execution Vulnerability
2017-04-11 00:00:00
nessus
nessus
KB3211308: Security Update for Hyper-V in Windows Server 2008 (April 2017)
2018-03-07 00:00:00
KB4015217: Windows 10 1607 April 2017 Cumulative Update
2017-04-11 00:00:00
KB4015219: Windows 10 Version 1511 April 2017 Cumulative Update
2017-04-11 00:00:00
mskb
mskb
Security update for the Hyper-V vulnerability in Windows Server 2008: April 11, 2017
2017-04-11 07:00:00
April 11, 2017—KB4015221 (OS Build 10240.17354)
2017-04-11 07:00:00
April 11, 2017—KB4015583 (OS Build 15063.138)
2017-04-11 07:00:00
openvas
openvas
Microsoft Windows Hyper-V Multiple Vulnerabilities (KB3211308)
2017-04-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4015583)
2017-04-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4015219)
2017-04-12 00:00:00
kaspersky
kaspersky
KLA11060 Multiple vulnerabilities in Microsoft Windows Hyper-V
2017-04-11 00:00:00
KLA11835 Multiple vulnerabilities in Microsoft Products (ESU)
2017-04-11 00:00:00
qualysblog
qualysblog
Microsoft Fixes 45 Vulnerabilities with new Security Update Guide – says goodbye to Security Bulletins
2017-04-11 18:24:03
threatpost
threatpost
Microsoft Patches Three Vulnerabilities Under Attack
2017-04-11 18:19:52

CVSS2

7.4

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:S/C:C/I:C/A:C

CVSS3

7.6

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0.008

Percentile

82.0%

JSON
Related for CVE-2017-0181
prion4cve3nvd4cvelist4mscve4symantec4nessus8mskb11openvas8kaspersky2qualysblog1threatpost1