Azure DevOps Server EoP via Authentication Flaw
CVE-2023-36561 Published on October 10, 2023
Azure DevOps Server Elevation of Privilege Vulnerability
Azure DevOps Server Elevation of Privilege Vulnerability
Weakness Type
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2023-36561 has been classified to as an Authorization vulnerability or weakness.
Products Associated with CVE-2023-36561
Want to know whenever a new CVE is published for Microsoft Azure Devops Server? stack.watch will email you.
Affected Versions
Microsoft Azure DevOps Server 2022.0.1:- Version 2022.0.0 and below 20230926.1 is affected.
- Version 2020.0.0 and below 20230927.1 is affected.
- Version 2020.1.0 and below 20230926.2 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.