6.8
CVE-2018-8438
- EPSS 0.67%
- Veröffentlicht 13.09.2018 00:29:04
- Zuletzt bearbeitet 21.11.2024 04:13:49
- Quelle secure@microsoft.com
- Teams Watchlist Login
- Unerledigt Login
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8436, CVE-2018-8437.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Windows 10 Version-
Microsoft ≫ Windows 10 Version1607
Microsoft ≫ Windows 10 Version1709
Microsoft ≫ Windows 10 Version1803
Microsoft ≫ Windows 8.1 Version-
Microsoft ≫ Windows 8.1 Version- SwEditionrt
Microsoft ≫ Windows Server Version2012 Updater2
Microsoft ≫ Windows Server 2016 Version-
Microsoft ≫ Windows Server 2016 Version1709
Microsoft ≫ Windows Server 2016 Version1803
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.67% | 0.704 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 2.3 | 4 |
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
|
| nvd@nist.gov | 6.8 | 8 | 6.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.