Lucene search
HistoryAug 14, 2019 - 9:15 p.m.
CVE-2019-0718
cve-2019-0718
microsoft
hyper-v
network switch
denial of service
vulnerability
5.5 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:S/C:N/I:N/A:C
5.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
5.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
45.1%
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.
To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash.
The update addresses the vulnerability by modifying how virtual machines access the Hyper-V Network Switch.
Affected configurations
Node
microsoftwindows_10_1703Match10.0.0
ORmicrosoftwindows_10_1803Match10.0.0
ORmicrosoftwindows_server,_1803 (server core installation)Match10.0.0
ORmicrosoftwindows_10_1809Match10.0.0
ORmicrosoftwindows_server_2019Match10.0.0
ORmicrosoftwindows_server_2019Match10.0.0
ORmicrosoftwindows_10_1709Match10.0.0
ORmicrosoftwindows_10_1507Match10.0.0
ORmicrosoftwindows_10_1607Match10.0.0
ORmicrosoftwindows_server_2016Match10.0.0
ORmicrosoftwindows_server_2016Match10.0.0
ORmicrosoftwindows_8.1Match6.3.0
ORmicrosoftwindows_server_2012Match6.2.0
ORmicrosoftwindows_server_2012Match6.2.0
ORmicrosoftwindows_server_2012_r2Match6.3.0
ORmicrosoftwindows_server_2012_r2Match6.3.0
ORmicrosoftwindows_server,_version_1903Match10.0.0
ORmicrosoftwindows_10_1903 for x64-based systemsMatch10.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_server | * | cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:* |
| microsoft | windows_server | * | cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:* |
| microsoft | windows_server | * | cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:* |
| microsoft | windows_server | * | cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:* |
| microsoft | windows_server | * | cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:* |
| microsoft | windows_server | * | cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:* |
| microsoft | windows_server | * | cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:* |
| microsoft | windows_server | * | cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:* |
| microsoft | windows_server | * | cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:* |
| microsoft | windows | * | cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1703",
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1803",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server, version 1803 (Server Core Installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1809",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2019",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2019 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1709",
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1507",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1607",
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 8.1",
"cpes": [
"cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"versions": [
{
"version": "6.3.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.2.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.2.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 R2",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.3.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 R2 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.3.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server, version 1903 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 10 Version 1903 for x64-based Systems",
"cpes": [
"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
cvelist
cvelist
CVE-2019-0718 Windows Hyper-V Denial of Service Vulnerability
2019-08-14 20:55:01
mscve
mscve
Windows Hyper-V Denial of Service Vulnerability
2019-08-13 07:00:00
nvd
nvd
CVE-2019-0718
2019-08-14 21:15:12
symantec
symantec
Microsoft Windows Hyper-V CVE-2019-0718 Denial of Service Vulnerability
2019-08-13 00:00:00
prion
prion
Denial of service
2019-08-14 21:15:00
Denial of service
2019-08-14 21:15:00
Denial of service
2019-08-14 21:15:00
mskb
mskb
August 13, 2019âKB4512482 (Security-only update)
2019-08-13 07:00:00
August 13, 2019âKB4512518 (Monthly Rollup)
2019-08-13 07:00:00
August 13, 2019âKB4512489 (Security-only update)
2019-08-13 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4512488)
2019-08-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4512507)
2019-08-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4512497)
2019-08-14 00:00:00
nessus
nessus
KB4512482: Windows Server 2012 August 2019 Security Update
2019-08-13 00:00:00
KB4512497: Windows 10 August 2019 Security Update
2019-08-13 00:00:00
kaspersky
kaspersky
KLA11989 Multiple vulnerabilities in Microsoft Products (ESU)
2019-08-13 00:00:00
KLA11534 Multiple vulnerabilities in Microsoft Windows
2019-08-13 00:00:00
talosblog
talosblog
5.5 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:S/C:N/I:N/A:C
5.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
5.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
45.1%
Related for CVE-2019-0718