CVE-2019-0971

Summary

An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka 'Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability'.

Affected Software

VendorProductVersion RangeStatus
MicrosoftTeam Foundation Server 2018Update 3.2affected
MicrosoftAzure DevOps Server2019affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References