Lucene search

K
cve[email protected]CVE-2016-0088
HistoryApr 12, 2016 - 11:59 p.m.

CVE-2016-0088

2016-04-1223:59:00
CWE-284
web.nvd.nist.gov
38
cve-2016-0088
hyper-v
remote code execution
microsoft windows
security vulnerability

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

8.1

Confidence

High

EPSS

0.073

Percentile

94.1%

Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS users to execute arbitrary code on the host OS via a crafted application, aka β€œHyper-V Remote Code Execution Vulnerability.”

Affected configurations

NVD
Node
microsoftwindows_10
OR
microsoftwindows_8.1
OR
microsoftwindows_server_2012Match-
OR
microsoftwindows_server_2012Matchr2
VendorProductVersionCPE
microsoftwindows_server_2012-cpe:/o:microsoft:windows_server_2012:-:::
microsoftwindows_server_2012r2cpe:/o:microsoft:windows_server_2012:r2:::
microsoftwindows_8.1cpe:/o:microsoft:windows_8.1::::
microsoftwindows_10cpe:/o:microsoft:windows_10::::

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

8.1

Confidence

High

EPSS

0.073

Percentile

94.1%