Vulnerability in Microsoft Visual Studio 2017 Version 15.9 (Includes 15.1 - 15.8)
CVE-2020-0884
A spoofing vulnerability exists in Microsoft Visual Studio as it includes a reply URL that is not secured by SSL, aka 'Microsoft Visual Studio Spoofing Vulnerability'.
EPSS: 0.016 (82.3th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Visual Studio 2017 Version 15.9 (Includes 15.1 - 15.8) — versions unspecified
- Microsoft Visual Studio 2019 — versions 16.0
- Microsoft Visual Studio 2019 Version 16.4 (Includes 16.0 - 16.3) — versions unspecified
References
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0884 (x_refsource_MISC)