Microsoft NuGet Package Manager CVE-2019-0976 Tampering Security Bypass Vulnerability

2019-05-14T00:00:00
ID SMNTC-108210
Type symantec
Reporter Symantec Security Response
Modified 2019-05-14T00:00:00

Description

Description

Microsoft NuGet is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions.

Technologies Affected

  • Microsoft NuGet 5.0.2

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
To exploit this vulnerability, an attacker requires local access to an affected computer. Grant local access for trusted and accountable users only.

Updates are available. Please see the references or vendor advisory for more information.