CVE-2017-0269

MEDIUM

Microsoft Windows 10 - Improper Input Validation

Title source: rule

Description

The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0273 and CVE-2017-0280.

References (4)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/98263

[Various Sources] https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02

[Mitigation, Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0269

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1038433

Scores

CVSS v3 5.9

EPSS 0.0963

EPSS Percentile 92.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-20

Status published

Products (12)

microsoft/windows_10

microsoft/windows_7

microsoft/windows_8.1

microsoft/windows_server_2008

microsoft/windows_server_2012

... and 2 more

Published May 12, 2017

Tracked Since Feb 18, 2026