CVE-2019-1306

Summary

A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability'.

Affected Software

VendorProductVersion RangeStatus
MicrosoftTeam Foundation Server 2018Update 3.2affected
MicrosoftAzure DevOps Server2019.0.1affected
MicrosoftAzure DevOps Server 2019 Update 1unspecifiedaffected

Weaknesses

  • Remote Code Execution

ADP Enrichment

CVE Program Container

Additional References

References