Azure Devops Server Security Vulnerabilities and Issues — Azure Devops Server CVE List

cve

CVE-2020-0700

A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'.

5.4CVSS

5.6AI Score

0.001EPSS

2020-03-12 04:15 PM

60

cve

CVE-2020-0758

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815.

7.5CVSS

7.5AI Score

0.001EPSS

2020-03-12 04:15 PM

57

cve

CVE-2020-0815

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0758.

7.5CVSS

7.5AI Score

0.001EPSS

2020-03-12 04:15 PM

57

cve

CVE-2020-1325

Azure DevOps Server and Team Foundation Services Spoofing Vulnerability

5.4CVSS

6AI Score

0.001EPSS

2020-11-11 07:15 AM

66

cve

CVE-2020-1326

A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'.

5.4CVSS

6.3AI Score

0.001EPSS

2020-07-14 11:15 PM

63

cve

CVE-2020-1327

A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'.

6.1CVSS

6.8AI Score

0.001EPSS

2020-06-09 08:15 PM

64

cve

CVE-2020-17135

Azure DevOps Server Spoofing Vulnerability

6.4CVSS

5.9AI Score

0.001EPSS

2020-12-10 12:15 AM

70

cve

CVE-2020-17145

Azure DevOps Server and Team Foundation Services Spoofing Vulnerability

5.4CVSS

6AI Score

0.001EPSS

2020-12-10 12:15 AM

75

Azure Devops Server Security Vulnerabilities - 2020