CVE-2017-0171
MEDIUMWindows DNS Server - Denial of Service via Version Query Handling
Title source: llmDescription
Windows DNS Server allows a denial of service vulnerability when Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 Gold and R2, and Windows Server 2016 are configured to answer version queries, aka "Windows DNS Server Denial of Service Vulnerability".
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/98097
Patch, Vendor Advisory x_refsource_confirm
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0171
Scores
CVSS v3
5.9
EPSS
0.2148
EPSS Percentile
95.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (6)
microsoft/windows_server_2008
microsoft/windows_server_2008
r2 sp1
microsoft/windows_server_2012
microsoft/windows_server_2012
r2
microsoft/windows_server_2016
Microsoft Corporation/Windows DNS Server
Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 Gold and R2, and Windows Server 20
Published
May 12, 2017
Tracked Since
Feb 18, 2026