CVE-2017-8715

EUVD-2017-17661
The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it handles Windows PowerShell sessions, aka "Windows Security Feature Bypass".
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
Affected Products (NVD)
VendorProductVersion
microsoftwindows_10
-
microsoftwindows_server_2016
*
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 10
(x64, x86)
KB4042895
1511 (x64, x86)
KB4041689
1607 (x64, x86)
KB4041691
1703 (x64, x86)
KB4041676
Windows Server 2016
Server Core
KB4041691
Standard
KB4041691
References
http://www.securityfocus.com/bid/101163
http://www.securitytracker.com/id/1039526
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8715
http://www.securityfocus.com/bid/101163
http://www.securitytracker.com/id/1039526
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8715