Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2017-0184: Hyper-V Denial of Service Vulnerability

Free InsightVM Trial No Credit Card Necessary
Watch Demo See how it all works
Back to Search

Microsoft CVE-2017-0184: Hyper-V Denial of Service Vulnerability

Severity
5
CVSS
(AV:A/AC:M/Au:S/C:N/I:N/A:C)
Published
04/11/2017
Created
07/25/2018
Added
04/11/2017
Modified
11/18/2021

Description

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application. The security update addresses the vulnerability by resolving a number of conditions where Hyper-V would fail to prevent a guest operating system from sending malicious requests.

Solution(s)

  • msft-kb3217841-24d71763-553f-42a1-a7c2-c939e7493744
  • msft-kb4015217-455d76f1-ba4b-48e6-80a2-aaedf9dbf6ed
  • msft-kb4015217-4a4cfa3f-337e-496e-9d32-a143afcb27f4
  • msft-kb4015217-573050f8-8958-4f78-bf90-019ef167a2c0
  • msft-kb4015219-9543acec-5076-4c61-bf83-e4a710166548
  • msft-kb4015219-a1b819d9-d5d2-4b33-ae8c-444fcf07063a
  • msft-kb4015221-9827321e-56c9-4c7a-9753-b8d250d58183
  • msft-kb4015221-99f960a7-07f7-478d-bd16-686208928c61
  • msft-kb4015546-592c9a40-6bdc-4122-8496-0b4295cf7a86
  • msft-kb4015546-61107fd4-8fba-4639-9c3a-d70a69936b4e
  • msft-kb4015546-7026cec0-32bf-4488-b45a-838aa929c109
  • msft-kb4015546-c77661d2-7566-4f86-943c-264545419691
  • msft-kb4015546-cc8006a9-8438-45aa-a20d-cceef511098d
  • msft-kb4015546-e2e88e16-fd32-4c2e-8848-69817601c17b
  • msft-kb4015547-79629e4e-67eb-438d-9420-17c673012731
  • msft-kb4015547-e0e5d08f-8c2b-4dcf-a8c9-36eb7c174896
  • msft-kb4015547-eb001e30-98fe-4874-a0c9-436635649fdd
  • msft-kb4015548-31ca69ca-ca73-4405-860b-037051bd1984
  • msft-kb4015548-72db1a7d-338c-4903-9869-9fd8258b643a
  • msft-kb4015548-d1986d38-72dd-4e1a-877e-70a3f77f7802
  • msft-kb4015583-184f9486-a9fd-46f9-9f83-0a07c0c939ea
  • msft-kb4015583-4816e53b-6f86-43c5-a740-0cafbe6317f5

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;