Latest microsoft azure devops server Vulnerabilities

CVE-2024-20667
Azure DevOps Server Remote Code Execution Vulnerability
Microsoft Azure DevOps Server 2019.1.2
Microsoft Azure DevOps Server 2022.1
Microsoft Azure DevOps Server 2020.1.2
Microsoft Azure DevOps Server=2019.1.2
Microsoft Azure DevOps Server=2020.1.2
Microsoft Azure DevOps Server=2022.1
CVE-2023-21751
Azure DevOps Server Spoofing Vulnerability
Microsoft Azure DevOps Server 2020.1.2
Microsoft Azure DevOps Server 2022.1
Microsoft Azure DevOps Server=2020.1.2
Microsoft Azure DevOps Server=2022.1.0
CVE-2023-36561
Azure DevOps Server Elevation of Privilege Vulnerability
Microsoft Azure DevOps Server 2020.1.2
Microsoft Azure DevOps Server 2020.0.2
Microsoft Azure DevOps Server=2020.0.2
and 2 more
CVE-2023-38155
Azure DevOps Server Remote Code Execution Vulnerability
Microsoft Azure DevOps Server 2020.1.2
Microsoft Azure DevOps Server 2022.0.1
Microsoft Azure DevOps Server 2019.1.2
Microsoft Azure DevOps Server 2020.0.2
and 8 more
CVE-2023-33136
Azure DevOps Server Remote Code Execution Vulnerability
Microsoft Azure DevOps Server 2022.0.1
Microsoft Azure DevOps Server 2020.1.2
Microsoft Azure DevOps Server 2019.1.2
Microsoft Azure DevOps Server 2019.0.1
Microsoft Azure DevOps Server 2020.0.2
Microsoft Azure DevOps Server=2019.0.1
and 9 more
CVE-2023-36869
Azure DevOps Server Spoofing Vulnerability
Microsoft Azure DevOps Server 2019.0.1
Microsoft Azure DevOps Server=2019.0.1
and 3 more
CVE-2023-21569
Azure DevOps Server Spoofing Vulnerability
Microsoft Azure DevOps Server 2022.0.1
Microsoft Azure DevOps Server 2020.1.2
Microsoft Azure DevOps Server 2022
Microsoft Azure DevOps Server=2020.1.2
Microsoft Azure DevOps Server=2022
Microsoft Azure DevOps Server=2022.0.1
CVE-2023-21565
Azure DevOps Server Spoofing Vulnerability
Microsoft Azure DevOps Server 2020.1.2
Microsoft Azure DevOps Server 2022
Microsoft Azure DevOps Server 2022.0.1
Microsoft Azure DevOps Server=2020.1.2
Microsoft Azure DevOps Server=2022
Microsoft Azure DevOps Server=2022.0.1
CVE-2023-21564
Azure DevOps Server Cross-Site Scripting Vulnerability
Microsoft Azure DevOps Server=2022
Microsoft Azure DevOps Server=2022-patch1
Microsoft Azure DevOps Server 2022
CVE-2023-21553
Azure DevOps Server Remote Code Execution Vulnerability
Microsoft Azure DevOps Server=2020.1.2
Microsoft Azure DevOps Server=2020.1.2-patch1
Microsoft Azure DevOps Server=2020.1.2-patch2
Microsoft Azure DevOps Server=2020.1.2-patch3
Microsoft Azure DevOps Server=2020.1.2-patch4
Microsoft Azure DevOps Server 2020.1.2
CVE-2021-28459
Azure DevOps Server Spoofing Vulnerability
=2020.0.1
Microsoft Azure DevOps Server=2020.0.1
CVE-2021-27067
Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability
=2015-4.2
=2017-3.1
=2018-1.2
=2018-3.2
=2019-update1
=2019-update1.1
and 10 more
CVE-2020-17145
Azure DevOps Server and Team Foundation Services Spoofing Vulnerability
Microsoft Team Foundation Server=2015-4.2
Microsoft Team Foundation Server=2017-3.1
Microsoft Team Foundation Server=2018-1.2
Microsoft Team Foundation Server=2018-3.2
Microsoft Azure DevOps Server=2019-update1.1
Microsoft Azure DevOps Server=2019.0.1
and 1 more
CVE-2020-17135
Azure DevOps Server Spoofing Vulnerability
Microsoft Azure DevOps Server=2019-update1.1
Microsoft Azure DevOps Server=2019.0.1
CVE-2020-1325
Azure DevOps Server and Team Foundation Services Spoofing Vulnerability
=2019-update1.1
Microsoft Azure DevOps Server=2019-update1.1
CVE-2020-1326
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'.
Microsoft Azure DevOps Server=2019-update1
Microsoft Azure DevOps Server=2019-update1.1
Microsoft Azure DevOps Server=2019.0.1
CVE-2020-1327
A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'.
Microsoft Azure DevOps Server=2019-update1
Microsoft Azure DevOps Server=2019-update1.1
Microsoft Azure DevOps Server=2019.0.1
CVE-2020-0815
An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevat...
Microsoft Azure DevOps Server=2019-update1.1
CVE-2020-0700
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'.
Microsoft Team Foundation Server=2017-3.1
Microsoft Team Foundation Server=2018-1.2
Microsoft Team Foundation Server=2018-3.2
Microsoft Azure DevOps Server=2019.0.1
Microsoft Azure DevOps Server=2019.0.1-update1
Microsoft Azure DevOps Server=2019.0.1-update1.1
CVE-2020-0758
Microsoft Team Foundation Server=2017-update3.1
Microsoft Team Foundation Server=2018-update1.2
Microsoft Team Foundation Server=2018-update3.2
Microsoft Azure DevOps Server=2019-update1
Microsoft Azure DevOps Server=2019-update1.1
Microsoft Azure DevOps Server=2019.0.1
CVE-2019-1306
A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps and Team Foundation Server Remote Code E...
Microsoft Team Foundation Server=2018-3.2
Microsoft Azure DevOps Server=2019-update1
Microsoft Azure DevOps Server=2019.0.1
CVE-2019-1305
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'.
Microsoft Team Foundation Server=2015-4.2
Microsoft Team Foundation Server=2017-3.1
Microsoft Team Foundation Server=2018-1.2
Microsoft Team Foundation Server=2018-3.2
Microsoft Azure DevOps Server=2019.0.1
CVE-2019-1076
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'.
Microsoft Team Foundation Server=2018-3.2
Microsoft Azure DevOps Server=2019.0.1
CVE-2019-0996
A spoofing vulnerability exists in Azure DevOps Server when it improperly handles requests to authorize applications, resulting in a cross-site request forgery, aka 'Azure DevOps Server Spoofing Vulne...
Microsoft Azure DevOps Server=2019
CVE-2019-0971
An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, ...
Microsoft Team Foundation Server=2018-3.2
Microsoft Azure DevOps Server=2019
CVE-2019-0979
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server ...
Microsoft Team Foundation Server=2017-3.1
Microsoft Team Foundation Server=2018-1.2
Microsoft Team Foundation Server=2018-3.2
Microsoft Azure DevOps Server=2019
CVE-2019-0872
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server ...
Microsoft Team Foundation Server=2015-4.2
Microsoft Team Foundation Server=2017-3.1
Microsoft Team Foundation Server=2018-1.2
Microsoft Team Foundation Server=2018-3.2
Microsoft Azure DevOps Server=2019
CVE-2019-0875
An elevation of privilege vulnerability exists when Azure DevOps Server 2019 does not properly enforce project permissions, aka 'Azure DevOps Server Elevation of Privilege Vulnerability'.
Microsoft Azure DevOps Server=2019
CVE-2019-0874
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'.
Microsoft Azure DevOps Server
CVE-2019-0871
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server ...
Microsoft Team Foundation Server=2017-3.1
Microsoft Team Foundation Server=2018-1.2
Microsoft Team Foundation Server=2018-3.2
Microsoft Azure DevOps Server=2019
CVE-2019-0869
A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'.
Microsoft Azure DevOps Server=2019
CVE-2019-0866
Microsoft Azure DevOps Server=2019
Microsoft Team Foundation Server=2015-4.2
Microsoft Team Foundation Server=2017-3.1
Microsoft Team Foundation Server=2018-1.2
Microsoft Team Foundation Server=2018-3.2
CVE-2019-0868
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server ...
Microsoft Team Foundation Server=2017-3.1
Microsoft Team Foundation Server=2018-1.2
Microsoft Team Foundation Server=2018-3.2
Microsoft Azure DevOps Server=2019
CVE-2019-0857
A spoofing vulnerability that could allow a security feature bypass exists in when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Spoofing Vulnerability'.
Microsoft Azure DevOps Server=2019
CVE-2019-0867
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server ...
Microsoft Azure DevOps Server=2019
Microsoft Team Foundation Server=2018-3.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203