CVE-2019-0857
First published: Tue Apr 09 2019(Updated: )
A spoofing vulnerability that could allow a security feature bypass exists in when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Spoofing Vulnerability'.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Azure DevOps Server | =2019 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-0857?
CVE-2019-0857 is a spoofing vulnerability that could allow a security feature bypass in Azure DevOps Server.
How does the spoofing vulnerability in Azure DevOps Server occur?
The spoofing vulnerability occurs when Azure DevOps Server does not properly sanitize user provided input.
What is the severity of CVE-2019-0857?
The severity of CVE-2019-0857 is medium with a CVSS score of 6.5.
How can I fix the spoofing vulnerability in Azure DevOps Server?
To fix the spoofing vulnerability, it is recommended to apply the necessary security patches provided by Microsoft.
Where can I find more information about CVE-2019-0857?
You can find more information about CVE-2019-0857 at the following references: [http://www.securityfocus.com/bid/107760](http://www.securityfocus.com/bid/107760) and [https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0857](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0857).
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/description
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft azure devops server
- version/microsoft azure devops server/2019