Sep 2019:
CVE-2019-1306 Published on September 11, 2019

A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability'.

NVD

Products Associated with CVE-2019-1306

stack.watch emails you whenever new vulnerabilities are published in Microsoft Team Foundation Server or Microsoft Azure Devops Server. Just hit a watch button to start following.

Microsoft Team Foundation Server

Microsoft Azure Devops Server

Affected Versions

Microsoft Team Foundation Server 2018:

Version Update 3.2 is affected.

Microsoft Azure DevOps Server:

Version 2019.0.1 is affected.

Microsoft Azure DevOps Server 2019 Update 1:

Version unspecified is affected.

Exploit Probability

EPSS

26.05%

Percentile

96.21%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Sep 2019: CVE-2019-1306 Published on September 11, 2019

Products Associated with CVE-2019-1306

Affected Versions

Exploit Probability

Sep 2019:
CVE-2019-1306 Published on September 11, 2019