CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-1072

A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability'.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.24

EPSS Ranking 95.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2019-1072

Microsoft » Team Foundation Server » Version: 2010

cpe:2.3:a:microsoft:team_foundation_server:2010
Microsoft » Team Foundation Server » Version: 2012

cpe:2.3:a:microsoft:team_foundation_server:2012
Microsoft » Team Foundation Server » Version: 2013

cpe:2.3:a:microsoft:team_foundation_server:2013
Microsoft » Team Foundation Server » Version: 2015

cpe:2.3:a:microsoft:team_foundation_server:2015
Microsoft » Team Foundation Server » Version: 2017

cpe:2.3:a:microsoft:team_foundation_server:2017
Microsoft » Team Foundation Server » Version: 2018

cpe:2.3:a:microsoft:team_foundation_server:2018
Microsoft » Azure Devops Server » Version: 2019.0.1

cpe:2.3:o:microsoft:azure_devops_server:2019.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-1072

Products

Pricing

Contact Us