Описание
Team Foundation Server Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Team Foundation Server (TFS) does not enable basic authorization on the communication between the TFS and Search services. Without basic authorization, an attacker could run certain commands on the Search service.
The security update addresses the vulnerability by ensuring that Team Foundation Server enables basic authorization.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Team Foundation Server 2018 Update 1.1 | ||
| Team Foundation Server 2018 Update 3 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
DOS
EPSS
Связанные уязвимости
A remote code execution vulnerability exists when Team Foundation Server (TFS) does not enable basic authorization on the communication between the TFS and Search services, aka "Team Foundation Server Remote Code Execution Vulnerability." This affects Team.
A remote code execution vulnerability exists when Team Foundation Server (TFS) does not enable basic authorization on the communication between the TFS and Search services, aka "Team Foundation Server Remote Code Execution Vulnerability." This affects Team.
Уязвимость программного средства Microsoft Team Foundation Server, связанная с ошибками процедуры авторизации, позволяющая нарушителю выполнить произвольные команды
EPSS