4 matches found
CVE-2025-29813
CVE-2025-29813 is an elevation of privilege vulnerability in Azure DevOps (Azure DevOps Server). The described flaw is an authentication bypass via assumed-immutable data / spoofable identity claims that could allow an unauthorized user to elevate privileges over the network. Connected sources co...
CVE-2025-47158
Azure DevOps vulnerability CVE-2025-47158: Authentication bypass by assumed-immutable data can allow a network attacker to elevate privileges. Affected product: Azure DevOps Server/Services. Root cause: bypass of authentication via assumed-immutable data in Azure DevOps. Impact: privilege escalat...
CVE-2026-42826
Technical details are not publicly available in the provided documents; no affected products/versions/vectors or remediation are specified here. Monitor for updates from official sources.
CVE-2026-23658
CVE-2026-23658 affects Microsoft Azure DevOps: msazure, with root cause described as insufficiently protected credentials enabling an unauthorized network-based privilege escalation. The description and multiple connected sources confirm impact to Azure DevOps components and privilege elevation, ...