5

CVE-2014-0255

Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (iSCSI service outage) by sending many crafted packets, aka "iSCSI Target Remote Denial of Service Vulnerability."

Data is provided by the National Vulnerability Database (NVD)
MicrosoftWindows Server 2008 Version- Updatesp2
MicrosoftWindows Server 2008 Version- Updatesp2 Editiondatacenter
MicrosoftWindows Server 2008 Version- Updatesp2 Editionenterprise
MicrosoftWindows Server 2008 Version- Updatesp2 Editionenterprise_x64
MicrosoftWindows Server 2008 Version- Updatesp2 Editionhpc
MicrosoftWindows Server 2008 Version- Updatesp2 Editionitanium
MicrosoftWindows Server 2008 Version- Updatesp2 Editionstandard
MicrosoftWindows Server 2008 Version- Updatesp2 Editionstorage
MicrosoftWindows Server 2008 Version- Updatesp2 Editionweb
MicrosoftWindows Server 2008 Versionr2 Updatesp1
MicrosoftWindows Server 2012 Versionr2 SwEditiondatacenter
MicrosoftWindows Server 2012 Versionr2 SwEditionessentials
MicrosoftWindows Server 2012 Versionr2 SwEditionstandard
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 41.53% 0.973
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.