6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
77.2%
03/14/2017
Warning
An improper sanitizing of a specially designed request was found in Microsoft IIS Server. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited remotely via a specially designed URL.
Windows Vista Service Pack 2
Windows 7 Service Pack 1
Windows 8.1
Windows RT
Windows 10
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
PE
CVE-2017-00554.3Warning
4012217
4012215
4012216
4012606
4013198
4013429
4012212
4012214
4012213
4012373
4013074
Public exploits exist for this vulnerability.
support.microsoft.com/kb/4012212
support.microsoft.com/kb/4012213
support.microsoft.com/kb/4012214
support.microsoft.com/kb/4012215
support.microsoft.com/kb/4012216
support.microsoft.com/kb/4012217
support.microsoft.com/kb/4012373
support.microsoft.com/kb/4012606
support.microsoft.com/kb/4013074
support.microsoft.com/kb/4013198
support.microsoft.com/kb/4013429
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0055
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0055
statistics.securelist.com/vulnerability-scan/month
technet.microsoft.com/library/security/MS17-016
threats.kaspersky.com/en/product/Microsoft-Windows-7/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Vista-4/
threats.kaspersky.com/en/product/Windows-RT/
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
77.2%