CVE-2019-1072
CVE-2019-1072
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 12.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
15 Jul 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability'.
Affected products
Microsoft · Azure DevOps ServerMicrosoft · Team Foundation ServerMicrosoft · Team Foundation Server 2010Microsoft · Team Foundation Server 2012Microsoft · Team Foundation Server 2013 Update 5Microsoft · Team Foundation Server 2015Microsoft · Team Foundation Server 2018Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →