Unrated severityNVD Advisory· Published Sep 11, 2019· Updated Aug 4, 2024

CVE-2019-1306

Description

A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability'.

Affected products

Microsoft/Azure DevOps Serverllm-fuzzy
Microsoft/Team Foundation Serverllm-fuzzy
Microsoft/Azure Devopscpe-rescue
Range: 2019.0.1
Microsoft/Azure DevOps Server 2019 Update 1v5
Range: unspecified
Microsoft/Visual Studio Team Foundation Servercpe-rescue
Range: Update 3.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1306mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.021
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000