CVE-2017-0164

MEDIUM

Microsoft Windows 10 - Improper Input Validation

Title source: rule

Description

A denial of service vulnerability exists in Windows 10 1607 and Windows Server 2016 Active Directory when an authenticated attacker sends malicious search queries, aka "Active Directory Denial of Service Vulnerability."

References (3)

Scores

CVSS v3 4.4
EPSS 0.0537
EPSS Percentile 90.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

Classification

CWE
CWE-20
Status published

Affected Products (3)

microsoft/windows_10
microsoft/windows_server_2016
Microsoft Corporation/Active Directory < Windows 10 1607 and Windows Server 2016

Timeline

Published Apr 12, 2017
Tracked Since Feb 18, 2026