Vulnerability Description
The Windows Server DHCP service in Windows Server 2012 Gold and R2, and Windows Server 2016 allows an attacker to either run arbitrary code on the DHCP failover server or cause the DHCP service to become nonresponsive, due to a memory corruption vulnerability in the Windows Server DHCP service, aka "Windows DHCP Server Remote Code Execution Vulnerability".
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows Server 2012 | - |
| Microsoft | Windows Server 2016 | All versions |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/100730Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039337Third Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8686MitigationPatchVendor Advisory
- http://www.securityfocus.com/bid/100730Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039337Third Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8686MitigationPatchVendor Advisory
FAQ
What is CVE-2017-8686?
CVE-2017-8686 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The Windows Server DHCP service in Windows Server 2012 Gold and R2, and Windows Server 2016 allows an attacker to either run arbitrary code on the DHCP failover server or cause the DHCP service to bec...
How severe is CVE-2017-8686?
CVE-2017-8686 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-8686?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows Server 2012, Microsoft Windows Server 2016.