Lucene search

K
cvelistMicrosoftCVELIST:CVE-2019-1072
HistoryJul 15, 2019 - 6:56 p.m.

CVE-2019-1072

2019-07-1518:56:20
microsoft
www.cve.org

9.9 High

AI Score

Confidence

High

0.032 Low

EPSS

Percentile

91.2%

A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka β€˜Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability’.

CNA Affected

[
  {
    "product": "Team Foundation Server 2012",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Update 4"
      }
    ]
  },
  {
    "product": "Team Foundation Server 2013 Update 5",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified"
      }
    ]
  },
  {
    "product": "Team Foundation Server 2018",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Update 1.2"
      },
      {
        "status": "affected",
        "version": "Update 3.2"
      }
    ]
  },
  {
    "product": "Team Foundation Server",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2017 Update 3.1"
      }
    ]
  },
  {
    "product": "Team Foundation Server 2015",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Update 4.2"
      }
    ]
  },
  {
    "product": "Azure DevOps Server",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2019.0.1"
      }
    ]
  },
  {
    "product": "Team Foundation Server 2010",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "SP1 (x86)"
      },
      {
        "status": "affected",
        "version": "SP1 (x64)"
      }
    ]
  }
]

9.9 High

AI Score

Confidence

High

0.032 Low

EPSS

Percentile

91.2%