KLA11404Multiple vulnerabilities in Microsoft Development Tools

2019-01-15T00:00:00
ID KLA11404
Type kaspersky
Reporter Kaspersky Lab
Modified 2020-05-22T00:00:00

Description

Detect date:

01/15/2019

Severity:

Warning

Description:

Multiple vulnerabilities were found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to obtain sensitive information, perform cross-site scripting attacks.

Affected products:

Team Foundation Server 2018 Updated 1.2
Team Foundation Server 2017 Update 3.1
Team Foundation Server 2018 Update 3.2

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2019-0646
CVE-2019-0647

Impacts:

OSI

Related products:

Team Foundation Server

CVE-IDS:

CVE-2019-06465.4High
CVE-2019-06476.5High

Microsoft official advisories: