5 matches found
CVE-2024-35267
Azure DevOps Server Spoofing Vulnerability...
CVE-2024-35267
Azure DevOps Server Spoofing Vulnerability...
CVE-2024-35267 Azure DevOps Server Spoofing Vulnerability
...
CVE-2024-35267
CVE-2024-35267 is Azure DevOps Server Spoofing Vulnerability. Connected docs confirm a vulnerability in Azure DevOps Server enabling spoofing/impersonation of other users (CVE-2024-35267; CVSSv3 base 7.6, AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L). Microsoft’s accompanying advisories indicate updates a...
Security Updates for Microsoft Team Foundation Server and Azure DevOps Server (July 2024)
The Microsoft Team Foundation Server or Azure DevOps is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. CVE-2024-35266, CVE-2024-35267...