Rapid7 Vulnerability & Exploit Database

Microsoft Windows: CVE-2017-0168: Hyper-V Information Disclosure Vulnerability

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Microsoft Windows: CVE-2017-0168: Hyper-V Information Disclosure Vulnerability

Severity
6
CVSS
(AV:N/AC:M/Au:S/C:C/I:N/A:N)
Published
04/11/2017
Created
07/25/2018
Added
04/11/2017
Modified
09/06/2024

Description

An information disclosure vulnerability exists when the Windows Hyper-V Network Switch running on a Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This CVE ID is unique from CVE-2017-0169.

Solution(s)

  • microsoft-windows-windows_server_2012-kb4015548
  • microsoft-windows-windows_server_2012_r2-kb4015547
  • msft-kb3211308-db9a8140-b864-4241-9182-e26cc2d924dd
  • msft-kb4015546-592c9a40-6bdc-4122-8496-0b4295cf7a86
  • msft-kb4015546-61107fd4-8fba-4639-9c3a-d70a69936b4e
  • msft-kb4015546-7026cec0-32bf-4488-b45a-838aa929c109
  • msft-kb4015546-c77661d2-7566-4f86-943c-264545419691
  • msft-kb4015546-cc8006a9-8438-45aa-a20d-cceef511098d
  • msft-kb4015546-e2e88e16-fd32-4c2e-8848-69817601c17b
  • msft-kb4015547-e0e5d08f-8c2b-4dcf-a8c9-36eb7c174896
  • msft-kb4015547-eb001e30-98fe-4874-a0c9-436635649fdd
  • msft-kb4015548-72db1a7d-338c-4903-9869-9fd8258b643a
  • msft-kb4015548-d1986d38-72dd-4e1a-877e-70a3f77f7802

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;