vulnerability
Microsoft Windows: CVE-2017-8557: Windows System Information Console Information Disclosure Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | Jul 11, 2017 | Jul 11, 2017 | Sep 5, 2025 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
Jul 11, 2017
Added
Jul 11, 2017
Modified
Sep 5, 2025
Description
Windows System Information Console in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an information disclosure vulnerability improperly parses XML input containing a reference to an external entity, aka "Windows System Information Console Information Disclosure Vulnerability".
Solutions
microsoft-windows-windows_10-1507-kb4025338microsoft-windows-windows_10-1511-kb4025344microsoft-windows-windows_10-1607-kb4025339microsoft-windows-windows_10-1703-kb4025342microsoft-windows-windows_server_2012-kb4025343microsoft-windows-windows_server_2012_r2-kb4025333microsoft-windows-windows_server_2012_r2-kb4025336microsoft-windows-windows_server_2016-1607-kb4025339msft-kb4025333-2884a1b4-f534-42b7-b4e9-6b07e48912f2msft-kb4025333-9787a4fc-d69c-4bf5-92bf-7ee510368696msft-kb4025337-27fce932-7817-4fdb-965f-19eb36d78839msft-kb4025337-6c36dd1f-0240-48fa-9696-3fcf17a57a62msft-kb4025337-794feee1-ea78-4c11-a683-a91335abb0e3msft-kb4025337-856a0bc5-b356-4282-a54e-9cf87b548303msft-kb4025337-85fadee5-ed6f-4a22-964a-9b2991c4cff1msft-kb4025337-c15b95d8-875f-4922-9460-08ece3c9b584msft-kb4025343-3a348a0c-2982-4ee6-b51b-6e4644a6c888msft-kb4025343-878d370a-a48a-4f91-b0fc-a0dfd69e30abmsft-kb4025398-4407b2a8-1c3d-4251-90a8-6d29500ab734msft-kb4025398-828e4d22-542f-443b-9903-54f0088a3ac1msft-kb4025398-8d523e28-3827-4f7e-a1b9-61b09ae6b3cdmsft-kb4025398-e6ceb8b0-adae-4d1c-973c-b19125afca72
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.