CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-8495

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to bypass Extended Protection for Authentication when Kerberos fails to prevent tampering with the SNAME field during ticket exchange, aka "Kerberos SNAME Security Feature Bypass Vulnerability" or Orpheus' Lyre.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.087

EPSS Ranking 92.0%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 6.0

References

Products affected by CVE-2017-8495

Microsoft » Windows 10 » Version: N/A

cpe:2.3:o:microsoft:windows_10:-
Microsoft » Windows 10 » Version: 1511

cpe:2.3:o:microsoft:windows_10:1511
Microsoft » Windows 10 » Version: 1607

cpe:2.3:o:microsoft:windows_10:1607
Microsoft » Windows 10 » Version: 1703

cpe:2.3:o:microsoft:windows_10:1703
Microsoft » Windows 7 » Version: N/A

cpe:2.3:o:microsoft:windows_7:-
Microsoft » Windows 8.1 » Version: N/A

cpe:2.3:o:microsoft:windows_8.1:-
Microsoft » Windows 8.1 » Version: 6.3.9600.20520

cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20520
Microsoft » Windows Rt 8.1 » Version: N/A

cpe:2.3:o:microsoft:windows_rt_8.1:-
Microsoft » Windows Rt 8.1 » Version: 6.3.9600.20520

cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20520
Microsoft » Windows Server 2008 » Version: N/A

cpe:2.3:o:microsoft:windows_server_2008:-
Microsoft » Windows Server 2008 » Version: r2

cpe:2.3:o:microsoft:windows_server_2008:r2
Microsoft » Windows Server 2012 » Version: N/A

cpe:2.3:o:microsoft:windows_server_2012:-
Microsoft » Windows Server 2012 » Version: 6.2.9200.24116

cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24116
Microsoft » Windows Server 2012 » Version: 6.2.9200.24768

cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24768
Microsoft » Windows Server 2012 » Version: 6.2.9200.24919

cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24919
Microsoft » Windows Server 2012 » Version: 6.2.9200.24975

cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24975
Microsoft » Windows Server 2012 » Version: 6.2.9200.25031

cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.25031
Microsoft » Windows Server 2012 » Version: 6.2.9200.25073

cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.25073
Microsoft » Windows Server 2012 » Version: r2

cpe:2.3:o:microsoft:windows_server_2012:r2
Microsoft » Windows Server 2016 » Version: N/A

cpe:2.3:o:microsoft:windows_server_2016:-
Microsoft » Windows Server 2016 » Version: 10.0.14393.4467

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4467
Microsoft » Windows Server 2016 » Version: 10.0.14393.4530

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4530
Microsoft » Windows Server 2016 » Version: 10.0.14393.4583

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4583
Microsoft » Windows Server 2016 » Version: 10.0.14393.4651

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4651
Microsoft » Windows Server 2016 » Version: 10.0.14393.4704

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704
Microsoft » Windows Server 2016 » Version: 10.0.14393.4770

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4770
Microsoft » Windows Server 2016 » Version: 10.0.14393.4886

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4886
Microsoft » Windows Server 2016 » Version: 10.0.14393.4946

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4946
Microsoft » Windows Server 2016 » Version: 10.0.14393.5066

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5066
Microsoft » Windows Server 2016 » Version: 10.0.14393.5125

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5125
Microsoft » Windows Server 2016 » Version: 10.0.14393.5192

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5192
Microsoft » Windows Server 2016 » Version: 10.0.14393.5246

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5246
Microsoft » Windows Server 2016 » Version: 10.0.14393.5291

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5291
Microsoft » Windows Server 2016 » Version: 10.0.14393.5356

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5356
Microsoft » Windows Server 2016 » Version: 10.0.14393.5427

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5427
Microsoft » Windows Server 2016 » Version: 10.0.14393.5501

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5501
Microsoft » Windows Server 2016 » Version: 10.0.14393.5582

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5582
Microsoft » Windows Server 2016 » Version: 10.0.14393.5648

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5648
Microsoft » Windows Server 2016 » Version: 10.0.14393.5717

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5717
Microsoft » Windows Server 2016 » Version: 10.0.14393.5850

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5850
Microsoft » Windows Server 2016 » Version: 10.0.14393.6085

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6085
Microsoft » Windows Server 2016 » Version: 10.0.14393.6167

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167
Microsoft » Windows Server 2016 » Version: 10.0.14393.6351

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6351
Microsoft » Windows Server 2016 » Version: 10.0.14393.6452

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6452
Microsoft » Windows Server 2016 » Version: 10.0.14393.6614

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6614
Microsoft » Windows Server 2016 » Version: 10.0.14393.6796

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6796
Microsoft » Windows Server 2016 » Version: 10.0.14393.6897

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6897
Microsoft » Windows Server 2016 » Version: 10.0.14393.6981

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6981
Microsoft » Windows Server 2016 » Version: 10.0.14393.7070

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7070
Microsoft » Windows Server 2016 » Version: 10.0.14393.7159

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7159
Microsoft » Windows Server 2016 » Version: 10.0.14393.7259

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7259
Microsoft » Windows Server 2016 » Version: 10.0.14393.7336

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7336
Microsoft » Windows Server 2016 » Version: 10.0.14393.7428

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7428
Microsoft » Windows Server 2016 » Version: 10.0.14393.7515

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7515
Microsoft » Windows Server 2016 » Version: 10.0.14393.7606

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7606
Microsoft » Windows Server 2016 » Version: 10.0.14393.7876

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7876
Microsoft » Windows Server 2016 » Version: 1709

cpe:2.3:o:microsoft:windows_server_2016:1709
Microsoft » Windows Server 2016 » Version: 1803

cpe:2.3:o:microsoft:windows_server_2016:1803
Microsoft » Windows Server 2016 » Version: 1903

cpe:2.3:o:microsoft:windows_server_2016:1903
Microsoft » Windows Server 2016 » Version: 1909

cpe:2.3:o:microsoft:windows_server_2016:1909
Microsoft » Windows Server 2016 » Version: 2004

cpe:2.3:o:microsoft:windows_server_2016:2004
Microsoft » Windows Server 2016 » Version: 20h2

cpe:2.3:o:microsoft:windows_server_2016:20h2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-8495

Products

Pricing

Contact Us