Critical severity9.8NVD Advisory· Published Jul 15, 2019· Updated Jun 17, 2026
CVE-2019-1072
CVE-2019-1072
Description
A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability'.
Affected products
9(expand)+ 6 more
- (no CPE)
- (no CPE)range: 2017 Update 3.1
- (no CPE)range: SP1 (x86)
- (no CPE)range: Update 4
- (no CPE)range: unspecified
- (no CPE)range: Update 4.2
- (no CPE)range: Update 1.2
- Range: 2019.0.1
Patches
Vulnerability mechanics
References
1- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1072nvdPatchVendor Advisory
News mentions
0No linked articles in our index yet.