Vulnerability in Microsoft Azure_devops_server
CVE-2020-0815
An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This C…
EPSS: 0.018 (76.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Microsoft Azure_devops_server — versions 2019
- Microsoft Azure Devops Server 2019 Update 1.1 — versions unspecified
References
- secure@microsoft.com (Patch, x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2020-0815?
- CVE-2020-0815 is a high-severity vulnerability in Microsoft Azure_devops_server. CVSS score: 7.5/10. Published 2020-03-12.
- How severe is CVE-2020-0815?
- High severity. CVSS v3 base score is 7.5 out of 10.