CVE-2017-0101 - Vulnerability Details - OpenCVE

The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability."

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is in the KEV database since March 15, 2022.

Exploitation active

Automatable no

Technical Impact total

Vendors	Products
Microsoft	Windows 7 Windows Server 2008 Windows Vista

Configuration 1 [-]

OR	cpe:2.3:o:microsoft:windows_7:-:sp1::::::
	cpe:2.3:o:microsoft:windows_server_2008:-:sp2::::::
	cpe:2.3:o:microsoft:windows_vista:-:sp2::::::

No data.

References

Link	Providers
http://www.securityfocus.com/bid/96625
http://www.securitytracker.com/id/1038013
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0101
https://www.exploit-db.com/exploits/44479/

History

Mon, 10 Feb 2025 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		kev `{'dateAdded': '2022-03-15'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2017-03-17T00:00:00.000Z

Updated: 2025-02-10T15:44:58.235Z

Reserved: 2016-09-09T00:00:00.000Z

Link: CVE-2017-0101

Vulnrichment

Updated: 2024-08-05T12:55:18.569Z

NVD

Status : Modified

Published: 2017-03-17T00:59:02.743

Modified: 2025-02-10T16:15:30.407

Link: CVE-2017-0101

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Windows", "vendor": "Microsoft Corporation", "versions": [{"status": "affected", "version": "The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607"}]}], "datePublic": "2017-03-14T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka \"Windows Elevation of Privilege Vulnerability.\""}], "problemTypes": [{"descriptions": [{"description": "Elevation of Privilege", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-04-18T09:57:01.000Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"name": "44479", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/44479/"}, {"name": "96625", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/96625"}, {"name": "1038013", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1038013"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0101"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2017-0101", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Windows", "version": {"version_data": [{"version_value": "The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607"}]}}]}, "vendor_name": "Microsoft Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka \"Windows Elevation of Privilege Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Elevation of Privilege"}]}]}, "references": {"reference_data": [{"name": "44479", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/44479/"}, {"name": "96625", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96625"}, {"name": "1038013", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038013"}, {"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0101", "refsource": "CONFIRM", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0101"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T12:55:18.569Z"}, "title": "CVE Program Container", "references": [{"name": "44479", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/44479/"}, {"name": "96625", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/96625"}, {"name": "1038013", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1038013"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0101"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-02-10T15:09:09.387700Z", "id": "CVE-2017-0101", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-03-15", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-0101"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-10T15:44:58.235Z"}}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2017-0101", "datePublished": "2017-03-17T00:00:00.000Z", "dateReserved": "2016-09-09T00:00:00.000Z", "dateUpdated": "2025-02-10T15:44:58.235Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.exploit-db.com/exploits/44479/", "name": "44479", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"]}, {"url": "http://www.securityfocus.com/bid/96625", "name": "96625", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}, {"url": "http://www.securitytracker.com/id/1038013", "name": "1038013", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"]}, {"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0101", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T12:55:18.569Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2017-0101", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-10T15:09:09.387700Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-03-15", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-0101"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-10T15:44:35.021Z"}}], "cna": {"affected": [{"vendor": "Microsoft Corporation", "product": "Windows", "versions": [{"status": "affected", "version": "The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607"}]}], "datePublic": "2017-03-14T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/44479/", "name": "44479", "tags": ["exploit", "x_refsource_EXPLOIT-DB"]}, {"url": "http://www.securityfocus.com/bid/96625", "name": "96625", "tags": ["vdb-entry", "x_refsource_BID"]}, {"url": "http://www.securitytracker.com/id/1038013", "name": "1038013", "tags": ["vdb-entry", "x_refsource_SECTRACK"]}, {"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0101", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka \"Windows Elevation of Privilege Vulnerability.\""}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Elevation of Privilege"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2018-04-18T09:57:01.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607"}]}, "product_name": "Windows"}]}, "vendor_name": "Microsoft Corporation"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://www.exploit-db.com/exploits/44479/", "name": "44479", "refsource": "EXPLOIT-DB"}, {"url": "http://www.securityfocus.com/bid/96625", "name": "96625", "refsource": "BID"}, {"url": "http://www.securitytracker.com/id/1038013", "name": "1038013", "refsource": "SECTRACK"}, {"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0101", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0101", "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka \"Windows Elevation of Privilege Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Elevation of Privilege"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2017-0101", "STATE": "PUBLIC", "ASSIGNER": "secure@microsoft.com"}}}}, "cveMetadata": {"cveId": "CVE-2017-0101", "state": "PUBLISHED", "dateUpdated": "2025-02-10T15:44:58.235Z", "dateReserved": "2016-09-09T00:00:00.000Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2017-03-17T00:00:00.000Z", "assignerShortName": "microsoft"}, "dataVersion": "5.1"}

{"cisaActionDue": "2022-04-05", "cisaExploitAdd": "2022-03-15", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Microsoft Windows Transaction Manager Privilege Escalation Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka \"Windows Elevation of Privilege Vulnerability.\""}, {"lang": "es", "value": "Los controladores del modo kernel en Transaction Manager en Microsoft Windows Vista SP2; Windows Server 2008 SP2 y R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1; Windows 10 Gold, 1511 y 1607 y Windows Server 2016 permiten a usuarios locales obtener privilegios a trav\u00e9s de una aplicaci\u00f3n manipulada, vulnerabilidad tambi\u00e9n conocida como \"Windows Elevation of Privilege Vulnerability\"."}], "id": "CVE-2017-0101", "lastModified": "2025-02-10T16:15:30.407", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2017-03-17T00:59:02.743", "references": [{"source": "secure@microsoft.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/96625"}, {"source": "secure@microsoft.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1038013"}, {"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0101"}, {"source": "secure@microsoft.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/44479/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/96625"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1038013"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0101"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/44479/"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-119"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}