The host is installed with Team Foundation Server 2018 Update 1.1 or Update 3 and is prone to a remote code execution vulnerability. The application fails to handle issues in authorization between TSF and search services. On successful exploitation, an attacker could run certain commands on the search service without basic authorization.