CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:S/C:C/I:C/A:C
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
90.0%
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data, aka âHyper-V vSMB Remote Code Execution Vulnerability.â This affects Windows Server 2016, Windows 10, Windows 10 Servers.
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | windows_10 | 1607 | cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:* |
microsoft | windows_10 | 1703 | cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:* |
microsoft | windows_10 | 1709 | cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:* |
microsoft | windows_10 | 1803 | cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:* |
microsoft | windows_server_2016 | - | cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:* |
microsoft | windows_server_2016 | 1709 | cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:* |
microsoft | windows_server_2016 | 1803 | cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:* |
[
{
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "(Server Core installation)"
}
]
},
{
"product": "Windows 10",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Version 1703 for x64-based Systems"
},
{
"status": "affected",
"version": "Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Version 1803 for x64-based Systems"
}
]
},
{
"product": "Windows 10 Servers",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "version 1709 (Server Core Installation)"
},
{
"status": "affected",
"version": "version 1803 (Server Core Installation)"
}
]
}
]
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:S/C:C/I:C/A:C
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
90.0%