Vulnerabilities for Azure devops server (...) - CXSECURITY.COM

Vulnerabilities for 'Azure devops server'

2021-04-13

CVE-2021-28459

CWE-79

Azure DevOps Server Spoofing Vulnerability

CVE-2021-27067

CWE-200

Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability

2020-12-10

CVE-2020-17145

CWE-20

, aka 'Azure DevOps Server and Team Foundation Services Spoofing Vulnerability'.

CVE-2020-17135

CWE-20

, aka 'Azure DevOps Server Spoofing Vulnerability'.

2020-07-14

CVE-2020-1326

CWE-79

A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'.

2020-06-09

CVE-2020-1327

CWE-74

A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'.

2020-03-12

CVE-2020-0815

CWE-269

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0758.

CVE-2020-0758

CWE-269

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815.

CVE-2020-0700

CWE-79

A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'.

2019-09-11

CVE-2019-1306

CWE-20

A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability'.

Copyright 2024, cxsecurity.com