Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  >> Azure Devops Server  >> 2019  Security Vulnerabilities
CVE-2019-0971
An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka 'Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability'.
CVSS Score
6.5
EPSS Score
0.106
Published
2019-05-16
CVE-2019-0979
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0872.
CVSS Score
5.4
EPSS Score
0.006
Published
2019-05-16
CVE-2019-0872
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0979.
CVSS Score
5.4
EPSS Score
0.006
Published
2019-05-16
CVE-2019-0874
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'.
CVSS Score
6.1
EPSS Score
0.005
Published
2019-04-09
CVE-2019-0875
An elevation of privilege vulnerability exists when Azure DevOps Server 2019 does not properly enforce project permissions, aka 'Azure DevOps Server Elevation of Privilege Vulnerability'.
CVSS Score
7.5
EPSS Score
0.034
Published
2019-04-09
CVE-2019-0857
A spoofing vulnerability that could allow a security feature bypass exists in when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Spoofing Vulnerability'.
CVSS Score
6.5
EPSS Score
0.164
Published
2019-04-09
CVE-2019-0866
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0867, CVE-2019-0868, CVE-2019-0870, CVE-2019-0871.
CVSS Score
6.1
EPSS Score
0.005
Published
2019-04-09
CVE-2019-0867
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866, CVE-2019-0868, CVE-2019-0870, CVE-2019-0871.
CVSS Score
6.1
EPSS Score
0.006
Published
2019-04-09
CVE-2019-0868
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866, CVE-2019-0867, CVE-2019-0870, CVE-2019-0871.
CVSS Score
6.1
EPSS Score
0.007
Published
2019-04-09
CVE-2019-0869
A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'.
CVSS Score
6.1
EPSS Score
0.006
Published
2019-04-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved