Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2017-0179: Hyper-V Denial of Service Vulnerability

Free InsightVM Trial No Credit Card Necessary
Watch Demo See how it all works
Back to Search

Microsoft CVE-2017-0179: Hyper-V Denial of Service Vulnerability

Severity
6
CVSS
(AV:N/AC:M/Au:S/C:N/I:N/A:C)
Published
04/11/2017
Created
07/25/2018
Added
04/11/2017
Modified
11/18/2021

Description

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application. The security update addresses the vulnerability by resolving a number of conditions where Hyper-V would fail to prevent a guest operating system from sending malicious requests.

Solution(s)

  • msft-kb4015217-455d76f1-ba4b-48e6-80a2-aaedf9dbf6ed
  • msft-kb4015217-4a4cfa3f-337e-496e-9d32-a143afcb27f4
  • msft-kb4015217-573050f8-8958-4f78-bf90-019ef167a2c0
  • msft-kb4015219-9543acec-5076-4c61-bf83-e4a710166548
  • msft-kb4015219-a1b819d9-d5d2-4b33-ae8c-444fcf07063a
  • msft-kb4015221-9827321e-56c9-4c7a-9753-b8d250d58183
  • msft-kb4015221-99f960a7-07f7-478d-bd16-686208928c61
  • msft-kb4015547-79629e4e-67eb-438d-9420-17c673012731
  • msft-kb4015547-e0e5d08f-8c2b-4dcf-a8c9-36eb7c174896
  • msft-kb4015547-eb001e30-98fe-4874-a0c9-436635649fdd
  • msft-kb4015583-184f9486-a9fd-46f9-9f83-0a07c0c939ea
  • msft-kb4015583-4816e53b-6f86-43c5-a740-0cafbe6317f5

References

View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;