CVE Vulnerabilities

CVE-2018-8226

Published: Jun 14, 2018 | Modified: Oct 03, 2019
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests, aka HTTP.sys Denial of Service Vulnerability. This affects Windows Server 2016, Windows 10, Windows 10 Servers.

Affected Software

Name Vendor Start Version End Version
Windows_10 Microsoft - (including) - (including)
Windows_10 Microsoft 1607 (including) 1607 (including)
Windows_10 Microsoft 1703 (including) 1703 (including)
Windows_10 Microsoft 1709 (including) 1709 (including)
Windows_10 Microsoft 1803 (including) 1803 (including)
Windows_server_1803 Microsoft - (including) - (including)
Windows_server_2016 Microsoft - (including) - (including)
Windows_server_2016 Microsoft 1709 (including) 1709 (including)

References