CVE-2017-0171

{"id": "CVE-2017-0171", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.2}]}, "published": "2017-05-12T14:29:01.143", "references": [{"url": "http://www.securityfocus.com/bid/98097", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0171", "tags": ["Patch", "Vendor Advisory"], "source": "secure@microsoft.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Windows DNS Server allows a denial of service vulnerability when Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 Gold and R2, and Windows Server 2016 are configured to answer version queries, aka \"Windows DNS Server Denial of Service Vulnerability\"."}, {"lang": "es", "value": "Windows DNS Server permite una vulnerabilidad de denegaci\u00f3n de servicio cuando Microsoft Windows Server 2008 SP2 y R2 SP1, Windows Server 2012 Gold y R2 y Windows Server 2016 est\u00e1n configurados para responder a consultas de versiones, tambi\u00e9n conocido como \"Windows DNS Server Denial of Service Vulnerability\"."}], "lastModified": "2017-05-25T15:33:06.453", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}