CVE-2017-11899 - Vulnerability Details - OpenCVE

Device Guard in Windows 10 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way untrusted files are handled, aka "Microsoft Windows Security Feature Bypass Vulnerability".

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows 10 Windows Server 2016

Configuration 1 [-]

OR	cpe:2.3:o:microsoft:windows_10:-:::::::*
	cpe:2.3:o:microsoft:windows_10:1511:::::::*
	cpe:2.3:o:microsoft:windows_10:1607:::::::*
	cpe:2.3:o:microsoft:windows_10:1703:::::::*
	cpe:2.3:o:microsoft:windows_10:1709:::::::*
	cpe:2.3:o:microsoft:windows_server_2016:-:::::::*
	cpe:2.3:o:microsoft:windows_server_2016:1709:::::::*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/102077
http://www.securitytracker.com/id/1039992
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11899

History

No history.

MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2017-12-12T21:00:00Z

Updated: 2024-09-17T01:16:24.032Z

Reserved: 2017-07-31T00:00:00

Link: CVE-2017-11899

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2017-12-12T21:29:01.243

Modified: 2025-04-20T01:37:25.860

Link: CVE-2017-11899

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Device Guard", "vendor": "Microsoft Corporation", "versions": [{"status": "affected", "version": "Windows 10 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"}]}], "datePublic": "2017-12-12T00:00:00", "descriptions": [{"lang": "en", "value": "Device Guard in Windows 10 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way untrusted files are handled, aka \"Microsoft Windows Security Feature Bypass Vulnerability\"."}], "problemTypes": [{"descriptions": [{"description": "Security Feature Bypass", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-13T10:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11899"}, {"name": "1039992", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039992"}, {"name": "102077", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/102077"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "DATE_PUBLIC": "2017-12-12T00:00:00", "ID": "CVE-2017-11899", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Device Guard", "version": {"version_data": [{"version_value": "Windows 10 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709"}]}}]}, "vendor_name": "Microsoft Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Device Guard in Windows 10 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way untrusted files are handled, aka \"Microsoft Windows Security Feature Bypass Vulnerability\"."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Security Feature Bypass"}]}]}, "references": {"reference_data": [{"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11899", "refsource": "CONFIRM", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11899"}, {"name": "1039992", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039992"}, {"name": "102077", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102077"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T18:19:39.396Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11899"}, {"name": "1039992", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1039992"}, {"name": "102077", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/102077"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2017-11899", "datePublished": "2017-12-12T21:00:00Z", "dateReserved": "2017-07-31T00:00:00", "dateUpdated": "2024-09-17T01:16:24.032Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "matchCriteriaId": "232581CC-130A-4C62-A7E9-2EC9A9364D53", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "matchCriteriaId": "AEE2E768-0F45-46E1-B6D7-087917109D98", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "matchCriteriaId": "83B14968-3985-43C3-ACE5-8307196EFAE3", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*", "matchCriteriaId": "5B454BFE-D3AB-4CDC-B79B-F60EA3F57DBA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Device Guard in Windows 10 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way untrusted files are handled, aka \"Microsoft Windows Security Feature Bypass Vulnerability\"."}, {"lang": "es", "value": "Device Guard en Windows 10 Gold, 1511, 1607, 1703 y 1709, Windows Server 2016 y Windows Server en su versi\u00f3n 1709 permite que se produzca una vulnerabilidad de omisi\u00f3n de la caracter\u00edstica de seguridad por la manera en la que los archivos no fiables se gestionan. Esta vulnerabilidad tambi\u00e9n se conoce como \"Microsoft Windows Security Feature Bypass Vulnerability\"."}], "id": "CVE-2017-11899", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-12-12T21:29:01.243", "references": [{"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/102077"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039992"}, {"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11899"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/102077"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039992"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11899"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}