CVE-2017-8686
Last modified
CVE-2017-8686 is a vulnerability of currently unknown severity. The Windows Server DHCP service in Windows Server 2012 Gold and R2, and Windows Server 2016 allows an attacker to either run arbitrary code on the DHCP failover server or cause the DHCP service to become nonresponsive, due to a memory corruption vulnerability in the Windows Server DHCP service, aka "Windows DHCP Server Remote Code Execution Vulnerability".. EPSS estimates a 27.50% chance of exploitation in the next 30 days.
Description
The Windows Server DHCP service in Windows Server 2012 Gold and R2, and Windows Server 2016 allows an attacker to either run arbitrary code on the DHCP failover server or cause the DHCP service to become nonresponsive, due to a memory corruption vulnerability in the Windows Server DHCP service, aka "Windows DHCP Server Remote Code Execution Vulnerability".
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows Server 2012 | All versions |
| Microsoft | Windows Server 2012 | r2 |
| Microsoft | Windows Server 2016 | All versions |
References
- http://www.securityfocus.com/bid/100730Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039337Third Party Advisory, VDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8686Mitigation, Patch, Vendor Advisory
- http://www.securityfocus.com/bid/100730Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1039337Third Party Advisory, VDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8686Mitigation, Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-8686?
How severe is CVE-2017-8686?
How do I fix CVE-2017-8686?
Are you affected by CVE-2017-8686?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST