[Forgot Password]
Login  Register Subscribe

24547

 
 

132763

 
 

127571

 
 

909

 
 

105400

 
 

152

Paid content will be excluded from the download.


Download | Alert*
OVAL

Azure DevOps Server Elevation of Privilege Vulnerability - CVE-2019-0875

ID: oval:org.secpod.oval:def:54263Date: (C)2019-04-11   (M)2019-07-18
Class: VULNERABILITYFamily: windows




An elevation of privilege vulnerability exists when Azure DevOps Server 2019 does not properly enforce project permissions. An attacker who exploited the vulnerabilty could add GitHub repos to a project without having the proper access granted to their account. To exploit the vulnerability, an attacker with access to a project would need to send a specially crafted request to an affected Azure DevOps Server.

Platform:
Microsoft Windows 10
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Product:
Azure DevOps Server 2019
Reference:
CVE-2019-0875
CVE    1
CVE-2019-0875
CPE    1
cpe:/o:microsoft:azure_devops_server_2019

© SecPod Technologies