CVE-2019-0727
First published: Thu May 16 2019(Updated: )
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Diagnostic Hub Standard Collector, Visual Studio Standard Collector Elevation of Privilege Vulnerability'.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Visual Studio | =2015-update3 | |
| Microsoft Visual Studio 2017 | =15.0 | |
| Microsoft Visual Studio 2017 | =15.9 | |
| Microsoft Visual Studio 2019 | =16.0 | |
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =1703 | |
| Microsoft Windows 10 | =1709 | |
| Microsoft Windows 10 | =1803 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows 10 | =1903 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2016 | =1803 | |
| Microsoft Windows Server 2016 | =1903 | |
| Microsoft Windows Server 2019 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-0727?
CVE-2019-0727 is an elevation of privilege vulnerability that exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector allows file deletion in arbitrary locations.
How can an attacker exploit CVE-2019-0727?
To exploit CVE-2019-0727, an attacker would first have to log on to the system.
What is the severity of CVE-2019-0727?
CVE-2019-0727 has a severity score of 7.8 (high).
Which software and operating systems are affected by CVE-2019-0727?
CVE-2019-0727 affects Microsoft Visual Studio 2015 Update 3, Microsoft Visual Studio 2017 (versions 15.0 and 15.9), Microsoft Visual Studio 2019 (version 16.0), and Microsoft Windows 10 (versions 1607, 1703, 1709, 1803, 1809, and 1903), as well as Microsoft Windows Server 2016 (versions 1803 and 1903) and Microsoft Windows Server 2019.
How do I fix CVE-2019-0727?
To fix CVE-2019-0727, it is recommended to apply the latest security updates provided by Microsoft.
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/references
- agent/remedy
- agent/severity
- agent/author
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft visual studio
- version/microsoft visual studio/2015-update3
- canonical/microsoft visual studio 2017
- version/microsoft visual studio 2017/15.0
- version/microsoft visual studio 2017/15.9
- canonical/microsoft visual studio 2019
- version/microsoft visual studio 2019/16.0
- canonical/microsoft windows 10
- version/microsoft windows 10/1607
- version/microsoft windows 10/1703
- version/microsoft windows 10/1709
- version/microsoft windows 10/1803
- version/microsoft windows 10/1809
- version/microsoft windows 10/1903
- canonical/microsoft windows server 2016
- version/microsoft windows server 2016/1803
- version/microsoft windows server 2016/1903
- canonical/microsoft windows server 2019