Описание
Azure DevOps Server Remote Code Execution Vulnerability
FAQ
What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker who successfully exploited this vulnerability could gain administrator privileges.
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
EPSS
7 High
CVSS3
Связанные уязвимости
Azure DevOps Server and Team Foundation Server Elevation of Privilege Vulnerability
Уязвимость класса MachinePropertyBag средства разработки программного обеспечения Azure DevOps Server, позволяющая нарушителю выполнить произвольный код
EPSS
7 High
CVSS3