CVE-2018-0885

MEDIUM

Description

The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows a denial of service vulnerability due to how input from a privileged user on a guest operating system is validated, aka "Hyper-V Denial of Service Vulnerability".

References

http://www.securityfocus.com/bid/103261

http://www.securitytracker.com/id/1040518

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0885

Details

Source: MITRE

Published: 2018-03-14

Updated: 2018-04-09

Type: CWE-20

Risk Information

CVSS v2.0

Base Score: 6.3

Vector: AV:N/AC:M/Au:S/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 6.8

Severity: MEDIUM

CVSS v3.0

Base Score: 5.8

Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

Impact Score: 4

Exploitability Score: 1.3

Severity: MEDIUM