Search

Find a vulnerability

Search criteria

    20 vulnerabilities found for Microsoft Visual Studio 2019 version 16.0 by Microsoft

    CVE-2021-1680 (GCVE-0-2021-1680)

    Vulnerability from nvd – Published: 2021-01-12 19:42 – Updated: 2024-10-08 16:17
    VLAI
    Title
    Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
    Summary
    Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
    CWE
    • Elevation of Privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 20H2 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server version 20H2 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1803 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1909 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server, version 1909 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.8 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Affected: 16.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2015 Update 3 Affected: 14.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2021-01-12 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:18:11.477Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1680"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 20H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server version 20H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1803",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1909",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1909 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.8",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2015 Update 3",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-01-12T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of Privilege",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-08T16:17:17.305Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1680"
            }
          ],
          "title": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2021-1680",
        "datePublished": "2021-01-12T19:42:21.000Z",
        "dateReserved": "2020-12-02T00:00:00.000Z",
        "dateUpdated": "2024-10-08T16:17:17.305Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1651 (GCVE-0-2021-1651)

    Vulnerability from nvd – Published: 2021-01-12 19:42 – Updated: 2024-10-08 16:17
    VLAI
    Title
    Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
    Summary
    Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
    CWE
    • Elevation of Privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 20H2 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server version 20H2 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1803 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1909 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server, version 1909 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.8 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Affected: 16.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2015 Update 3 Affected: 14.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2021-01-12 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:18:11.009Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1651"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 20H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server version 20H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1803",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1909",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1909 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.8",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2015 Update 3",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-01-12T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of Privilege",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-08T16:17:03.178Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1651"
            }
          ],
          "title": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2021-1651",
        "datePublished": "2021-01-12T19:42:03.000Z",
        "dateReserved": "2020-12-02T00:00:00.000Z",
        "dateUpdated": "2024-10-08T16:17:03.178Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-17156 (GCVE-0-2020-17156)

    Vulnerability from nvd – Published: 2020-12-09 23:36 – Updated: 2026-06-09 18:07
    VLAI
    Title
    Visual Studio Remote Code Execution Vulnerability
    Summary
    Visual Studio Remote Code Execution Vulnerability
    CWE
    • Remote Code Execution
    Assigner
    References
    Date Public
    2020-12-08 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T13:53:17.058Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17156"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft Visual Studio 2019 version 16.8",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "publication",
                      "versionStartIncluding": "15.9.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "publication",
                      "versionStartIncluding": "16.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "publication",
                      "versionStartIncluding": "16.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "publication",
                      "versionStartIncluding": "16.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "publication",
                      "versionStartIncluding": "16.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2020-12-08T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Visual Studio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T18:07:59.964Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Visual Studio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17156"
            }
          ],
          "title": "Visual Studio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2020-17156",
        "datePublished": "2020-12-09T23:36:59.000Z",
        "dateReserved": "2020-08-04T00:00:00.000Z",
        "dateUpdated": "2026-06-09T18:07:59.964Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2020-17100 (GCVE-0-2020-17100)

    Vulnerability from nvd – Published: 2020-11-11 06:48 – Updated: 2024-09-10 15:51
    VLAI
    Title
    Visual Studio Tampering Vulnerability
    Summary
    Visual Studio Tampering Vulnerability
    CWE
    • Tampering
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Affected: 16.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.8 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2020-11-10 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T13:53:16.331Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17100"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.8",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-11-10T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Visual Studio Tampering Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Tampering",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-10T15:51:23.251Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17100"
            }
          ],
          "title": "Visual Studio Tampering Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2020-17100",
        "datePublished": "2020-11-11T06:48:35.000Z",
        "dateReserved": "2020-08-04T00:00:00.000Z",
        "dateUpdated": "2024-09-10T15:51:23.251Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-1133 (GCVE-0-2020-1133)

    Vulnerability from nvd – Published: 2020-09-11 17:09 – Updated: 2024-08-04 06:25
    VLAI
    Title
    Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
    Summary
    <p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>An attacker could exploit this vulnerability by running a specially crafted application on the victim system.</p> <p>The update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles file operations.</p>
    CWE
    • Elevation of Privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Affected: 16.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2015 Update 3 Affected: 14.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1803 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1909 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server, version 1909 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1709 for 32-bit Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1709 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for 32-bit Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for x64-based Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for ARM64-based Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server, version 1903 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2020-09-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:25:01.292Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1133"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2015 Update 3",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1803",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1909",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1909 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 1709 for 32-bit Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1709",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for 32-bit Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for x64-based Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for ARM64-based Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1903 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-09-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "\u003cp\u003eAn elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.\u003c/p\u003e\n\u003cp\u003eAn attacker could exploit this vulnerability by running a specially crafted application on the victim system.\u003c/p\u003e\n\u003cp\u003eThe update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles file operations.\u003c/p\u003e"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of Privilege",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-31T21:34:44.638Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1133"
            }
          ],
          "title": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2020-1133",
        "datePublished": "2020-09-11T17:09:01.000Z",
        "dateReserved": "2019-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T06:25:01.292Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-1130 (GCVE-0-2020-1130)

    Vulnerability from nvd – Published: 2020-09-11 17:09 – Updated: 2024-08-04 06:25
    VLAI
    Title
    Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
    Summary
    <p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>An attacker could exploit this vulnerability by running a specially crafted application on the victim system.</p> <p>The update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles data operations.</p>
    CWE
    • Elevation of Privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1803 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1909 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server, version 1909 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1709 for 32-bit Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1709 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for 32-bit Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for x64-based Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for ARM64-based Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server, version 1903 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Affected: 16.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2015 Update 3 Affected: 14.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2020-09-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:25:01.223Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1130"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1803",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1909",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1909 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 1709 for 32-bit Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1709",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for 32-bit Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for x64-based Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for ARM64-based Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1903 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2015 Update 3",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-09-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "\u003cp\u003eAn elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.\u003c/p\u003e\n\u003cp\u003eAn attacker could exploit this vulnerability by running a specially crafted application on the victim system.\u003c/p\u003e\n\u003cp\u003eThe update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles data operations.\u003c/p\u003e"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of Privilege",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-31T21:34:44.115Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1130"
            }
          ],
          "title": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2020-1130",
        "datePublished": "2020-09-11T17:09:01.000Z",
        "dateReserved": "2019-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T06:25:01.223Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-16874 (GCVE-0-2020-16874)

    Vulnerability from nvd – Published: 2020-09-11 17:08 – Updated: 2024-08-04 13:45
    VLAI
    Title
    Visual Studio Remote Code Execution Vulnerability
    Summary
    <p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p> <p>To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Visual Studio.</p> <p>The update addresses the vulnerability by correcting how Visual Studio handles objects in memory.</p>
    CWE
    • Remote Code Execution
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Affected: 16.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2012 Update 5 Affected: 11.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2012:update_5:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2013 Update 5 Affected: 12.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2015 Update 3 Affected: 14.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2020-09-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T13:45:34.227Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16874"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2012:update_5:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2012 Update 5",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2013 Update 5",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2015 Update 3",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-09-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "\u003cp\u003eA remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.\u003c/p\u003e\n\u003cp\u003eTo exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Visual Studio.\u003c/p\u003e\n\u003cp\u003eThe update addresses the vulnerability by correcting how Visual Studio handles objects in memory.\u003c/p\u003e"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-31T21:35:05.625Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16874"
            }
          ],
          "title": "Visual Studio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2020-16874",
        "datePublished": "2020-09-11T17:08:47.000Z",
        "dateReserved": "2020-08-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T13:45:34.227Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-16856 (GCVE-0-2020-16856)

    Vulnerability from nvd – Published: 2020-09-11 17:08 – Updated: 2024-08-04 13:45
    VLAI
    Title
    Visual Studio Remote Code Execution Vulnerability
    Summary
    <p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p> <p>To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Visual Studio.</p> <p>The update addresses the vulnerability by correcting how Visual Studio handles objects in memory.</p>
    CWE
    • Remote Code Execution
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Affected: 16.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2012 Update 5 Affected: 11.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2012:update_5:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2013 Update 5 Affected: 12.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2015 Update 3 Affected: 14.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2020-09-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T13:45:34.276Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16856"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2012:update_5:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2012 Update 5",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2013 Update 5",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2015 Update 3",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-09-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "\u003cp\u003eA remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.\u003c/p\u003e\n\u003cp\u003eTo exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Visual Studio.\u003c/p\u003e\n\u003cp\u003eThe update addresses the vulnerability by correcting how Visual Studio handles objects in memory.\u003c/p\u003e"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-31T21:34:01.879Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16856"
            }
          ],
          "title": "Visual Studio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2020-16856",
        "datePublished": "2020-09-11T17:08:40.000Z",
        "dateReserved": "2020-08-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T13:45:34.276Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-1597 (GCVE-0-2020-1597)

    Vulnerability from nvd – Published: 2020-08-17 19:13 – Updated: 2024-08-04 06:39
    VLAI
    Title
    ASP.NET Core Denial of Service Vulnerability
    Summary
    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the ASP.NET Core application. The update addresses the vulnerability by correcting how the ASP.NET Core web application handles web requests.
    Severity
    No CVSS data available.
    CWE
    • Denial of Service
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft ASP.NET Core 2.1 Affected: 2.0 , < publication (custom)
        cpe:2.3:a:microsoft:asp.net_core:2.1*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft ASP.NET Core 3.1 Affected: 3.0 , < publication (custom)
        cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Affected: 16.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2020-08-11 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:39:10.725Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1597"
              },
              {
                "name": "FEDORA-2020-cad5d17c6d",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO/"
              },
              {
                "name": "FEDORA-2020-9ddf1aa50b",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:microsoft:asp.net_core:2.1*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "ASP.NET Core 2.1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "ASP.NET Core 3.1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "3.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-08-11T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication.\nA remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the ASP.NET Core application.\nThe update addresses the vulnerability by correcting how the ASP.NET Core web application handles web requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-29T16:33:24.159Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1597"
            },
            {
              "name": "FEDORA-2020-cad5d17c6d",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO/"
            },
            {
              "name": "FEDORA-2020-9ddf1aa50b",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT/"
            }
          ],
          "title": "ASP.NET Core Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2020-1597",
        "datePublished": "2020-08-17T19:13:53.000Z",
        "dateReserved": "2019-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T06:39:10.725Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-1211 (GCVE-0-2019-1211)

    Vulnerability from nvd – Published: 2019-08-14 20:55 – Updated: 2024-08-04 18:13
    VLAI
    Title
    Git for Visual Studio Elevation of Privilege Vulnerability
    Summary
    An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files. An attacker who successfully exploited the vulnerability could execute code in the context of another local user. To exploit the vulnerability, an authenticated attacker would need to modify Git configuration files on a system prior to a full installation of the application. The attacker would then need to convince another user on the system to execute specific Git commands. The update addresses the issue by changing the permissions required to edit configuration files.
    Severity
    No CVSS data available.
    CWE
    • Elevation of Privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Visual Studio 2017 Affected: 15.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.2 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:powershell_core:6.2:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2019-08-13 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:13:29.223Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1211"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:-:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:powershell_core:6.2:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-08-13T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files. An attacker who successfully exploited the vulnerability could execute code in the context of another local user.\nTo exploit the vulnerability, an authenticated attacker would need to modify Git configuration files on a system prior to a full installation of the application. The attacker would then need to convince another user on the system to execute specific Git commands.\nThe update addresses the issue by changing the permissions required to edit configuration files."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of Privilege",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-29T16:51:07.566Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1211"
            }
          ],
          "title": "Git for Visual Studio Elevation of Privilege Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2019-1211",
        "datePublished": "2019-08-14T20:55:05.000Z",
        "dateReserved": "2018-11-26T00:00:00.000Z",
        "dateUpdated": "2024-08-04T18:13:29.223Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1680 (GCVE-0-2021-1680)

    Vulnerability from cvelistv5 – Published: 2021-01-12 19:42 – Updated: 2024-10-08 16:17
    VLAI
    Title
    Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
    Summary
    Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
    CWE
    • Elevation of Privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 20H2 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server version 20H2 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1803 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1909 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server, version 1909 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.8 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Affected: 16.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2015 Update 3 Affected: 14.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2021-01-12 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:18:11.477Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1680"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 20H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server version 20H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1803",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1909",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1909 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.8",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2015 Update 3",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-01-12T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of Privilege",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-08T16:17:17.305Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1680"
            }
          ],
          "title": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2021-1680",
        "datePublished": "2021-01-12T19:42:21.000Z",
        "dateReserved": "2020-12-02T00:00:00.000Z",
        "dateUpdated": "2024-10-08T16:17:17.305Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1651 (GCVE-0-2021-1651)

    Vulnerability from cvelistv5 – Published: 2021-01-12 19:42 – Updated: 2024-10-08 16:17
    VLAI
    Title
    Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
    Summary
    Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
    CWE
    • Elevation of Privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 20H2 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server version 20H2 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1803 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1909 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server, version 1909 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.8 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Affected: 16.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2015 Update 3 Affected: 14.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2021-01-12 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:18:11.009Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1651"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 20H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server version 20H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1803",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1909",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1909 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.8",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2015 Update 3",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-01-12T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of Privilege",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-08T16:17:03.178Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1651"
            }
          ],
          "title": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2021-1651",
        "datePublished": "2021-01-12T19:42:03.000Z",
        "dateReserved": "2020-12-02T00:00:00.000Z",
        "dateUpdated": "2024-10-08T16:17:03.178Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-17156 (GCVE-0-2020-17156)

    Vulnerability from cvelistv5 – Published: 2020-12-09 23:36 – Updated: 2026-06-09 18:07
    VLAI
    Title
    Visual Studio Remote Code Execution Vulnerability
    Summary
    Visual Studio Remote Code Execution Vulnerability
    CWE
    • Remote Code Execution
    Assigner
    References
    Date Public
    2020-12-08 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T13:53:17.058Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17156"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Microsoft Visual Studio 2019 version 16.8",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "publication",
                      "versionStartIncluding": "15.9.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "publication",
                      "versionStartIncluding": "16.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "publication",
                      "versionStartIncluding": "16.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "publication",
                      "versionStartIncluding": "16.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "publication",
                      "versionStartIncluding": "16.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "datePublic": "2020-12-08T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Visual Studio Remote Code Execution Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-09T18:07:59.964Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Visual Studio Remote Code Execution Vulnerability",
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17156"
            }
          ],
          "title": "Visual Studio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2020-17156",
        "datePublished": "2020-12-09T23:36:59.000Z",
        "dateReserved": "2020-08-04T00:00:00.000Z",
        "dateUpdated": "2026-06-09T18:07:59.964Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2020-17100 (GCVE-0-2020-17100)

    Vulnerability from cvelistv5 – Published: 2020-11-11 06:48 – Updated: 2024-09-10 15:51
    VLAI
    Title
    Visual Studio Tampering Vulnerability
    Summary
    Visual Studio Tampering Vulnerability
    CWE
    • Tampering
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Affected: 16.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.8 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2020-11-10 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T13:53:16.331Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17100"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.8",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-11-10T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Visual Studio Tampering Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Tampering",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-10T15:51:23.251Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17100"
            }
          ],
          "title": "Visual Studio Tampering Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2020-17100",
        "datePublished": "2020-11-11T06:48:35.000Z",
        "dateReserved": "2020-08-04T00:00:00.000Z",
        "dateUpdated": "2024-09-10T15:51:23.251Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-1130 (GCVE-0-2020-1130)

    Vulnerability from cvelistv5 – Published: 2020-09-11 17:09 – Updated: 2024-08-04 06:25
    VLAI
    Title
    Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
    Summary
    <p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>An attacker could exploit this vulnerability by running a specially crafted application on the victim system.</p> <p>The update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles data operations.</p>
    CWE
    • Elevation of Privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1803 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1909 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server, version 1909 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1709 for 32-bit Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1709 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for 32-bit Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for x64-based Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for ARM64-based Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server, version 1903 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Affected: 16.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2015 Update 3 Affected: 14.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2020-09-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:25:01.223Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1130"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1803",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1909",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1909 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 1709 for 32-bit Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1709",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for 32-bit Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for x64-based Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for ARM64-based Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1903 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2015 Update 3",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-09-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "\u003cp\u003eAn elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.\u003c/p\u003e\n\u003cp\u003eAn attacker could exploit this vulnerability by running a specially crafted application on the victim system.\u003c/p\u003e\n\u003cp\u003eThe update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles data operations.\u003c/p\u003e"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of Privilege",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-31T21:34:44.115Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1130"
            }
          ],
          "title": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2020-1130",
        "datePublished": "2020-09-11T17:09:01.000Z",
        "dateReserved": "2019-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T06:25:01.223Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-1133 (GCVE-0-2020-1133)

    Vulnerability from cvelistv5 – Published: 2020-09-11 17:09 – Updated: 2024-08-04 06:25
    VLAI
    Title
    Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
    Summary
    <p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>An attacker could exploit this vulnerability by running a specially crafted application on the victim system.</p> <p>The update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles file operations.</p>
    CWE
    • Elevation of Privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Affected: 16.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2015 Update 3 Affected: 14.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1803 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1909 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server, version 1909 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1709 for 32-bit Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1709 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for 32-bit Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for x64-based Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for ARM64-based Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server, version 1903 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2020-09-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:25:01.292Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1133"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2015 Update 3",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1803",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1909",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1909 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 1709 for 32-bit Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1709",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for 32-bit Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for x64-based Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for ARM64-based Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1903 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-09-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "\u003cp\u003eAn elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.\u003c/p\u003e\n\u003cp\u003eAn attacker could exploit this vulnerability by running a specially crafted application on the victim system.\u003c/p\u003e\n\u003cp\u003eThe update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles file operations.\u003c/p\u003e"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of Privilege",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-31T21:34:44.638Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1133"
            }
          ],
          "title": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2020-1133",
        "datePublished": "2020-09-11T17:09:01.000Z",
        "dateReserved": "2019-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T06:25:01.292Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-16874 (GCVE-0-2020-16874)

    Vulnerability from cvelistv5 – Published: 2020-09-11 17:08 – Updated: 2024-08-04 13:45
    VLAI
    Title
    Visual Studio Remote Code Execution Vulnerability
    Summary
    <p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p> <p>To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Visual Studio.</p> <p>The update addresses the vulnerability by correcting how Visual Studio handles objects in memory.</p>
    CWE
    • Remote Code Execution
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Affected: 16.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2012 Update 5 Affected: 11.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2012:update_5:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2013 Update 5 Affected: 12.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2015 Update 3 Affected: 14.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2020-09-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T13:45:34.227Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16874"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2012:update_5:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2012 Update 5",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2013 Update 5",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2015 Update 3",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-09-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "\u003cp\u003eA remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.\u003c/p\u003e\n\u003cp\u003eTo exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Visual Studio.\u003c/p\u003e\n\u003cp\u003eThe update addresses the vulnerability by correcting how Visual Studio handles objects in memory.\u003c/p\u003e"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-31T21:35:05.625Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16874"
            }
          ],
          "title": "Visual Studio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2020-16874",
        "datePublished": "2020-09-11T17:08:47.000Z",
        "dateReserved": "2020-08-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T13:45:34.227Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-16856 (GCVE-0-2020-16856)

    Vulnerability from cvelistv5 – Published: 2020-09-11 17:08 – Updated: 2024-08-04 13:45
    VLAI
    Title
    Visual Studio Remote Code Execution Vulnerability
    Summary
    <p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p> <p>To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Visual Studio.</p> <p>The update addresses the vulnerability by correcting how Visual Studio handles objects in memory.</p>
    CWE
    • Remote Code Execution
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Affected: 16.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2012 Update 5 Affected: 11.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2012:update_5:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2013 Update 5 Affected: 12.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2015 Update 3 Affected: 14.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2020-09-08 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T13:45:34.276Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16856"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2012:update_5:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2012 Update 5",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "11.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2013 Update 5",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2015 Update 3",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-09-08T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "\u003cp\u003eA remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.\u003c/p\u003e\n\u003cp\u003eTo exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Visual Studio.\u003c/p\u003e\n\u003cp\u003eThe update addresses the vulnerability by correcting how Visual Studio handles objects in memory.\u003c/p\u003e"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-31T21:34:01.879Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16856"
            }
          ],
          "title": "Visual Studio Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2020-16856",
        "datePublished": "2020-09-11T17:08:40.000Z",
        "dateReserved": "2020-08-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T13:45:34.276Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-1597 (GCVE-0-2020-1597)

    Vulnerability from cvelistv5 – Published: 2020-08-17 19:13 – Updated: 2024-08-04 06:39
    VLAI
    Title
    ASP.NET Core Denial of Service Vulnerability
    Summary
    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the ASP.NET Core application. The update addresses the vulnerability by correcting how the ASP.NET Core web application handles web requests.
    Severity
    No CVSS data available.
    CWE
    • Denial of Service
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft ASP.NET Core 2.1 Affected: 2.0 , < publication (custom)
        cpe:2.3:a:microsoft:asp.net_core:2.1*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft ASP.NET Core 3.1 Affected: 3.0 , < publication (custom)
        cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Affected: 16.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2020-08-11 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:39:10.725Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1597"
              },
              {
                "name": "FEDORA-2020-cad5d17c6d",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO/"
              },
              {
                "name": "FEDORA-2020-9ddf1aa50b",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:microsoft:asp.net_core:2.1*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "ASP.NET Core 2.1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "ASP.NET Core 3.1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "3.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-08-11T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication.\nA remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the ASP.NET Core application.\nThe update addresses the vulnerability by correcting how the ASP.NET Core web application handles web requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-29T16:33:24.159Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1597"
            },
            {
              "name": "FEDORA-2020-cad5d17c6d",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW4CBI26KSO3PRL3HLVVISXPPOYUHSXO/"
            },
            {
              "name": "FEDORA-2020-9ddf1aa50b",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WH5FQ5VT3JGHXFXOETHCTBWJUIAPGHHT/"
            }
          ],
          "title": "ASP.NET Core Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2020-1597",
        "datePublished": "2020-08-17T19:13:53.000Z",
        "dateReserved": "2019-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T06:39:10.725Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-1211 (GCVE-0-2019-1211)

    Vulnerability from cvelistv5 – Published: 2019-08-14 20:55 – Updated: 2024-08-04 18:13
    VLAI
    Title
    Git for Visual Studio Elevation of Privilege Vulnerability
    Summary
    An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files. An attacker who successfully exploited the vulnerability could execute code in the context of another local user. To exploit the vulnerability, an authenticated attacker would need to modify Git configuration files on a system prior to a full installation of the application. The attacker would then need to convince another user on the system to execute specific Git commands. The update addresses the issue by changing the permissions required to edit configuration files.
    Severity
    No CVSS data available.
    CWE
    • Elevation of Privilege
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Microsoft Visual Studio 2017 Affected: 15.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Affected: 15.9.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.0 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Visual Studio 2019 version 16.2 Affected: 16.0 , < publication (custom)
        cpe:2.3:a:microsoft:powershell_core:6.2:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2019-08-13 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:13:29.223Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1211"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:-:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "15.9.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.0",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:powershell_core:6.2:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Visual Studio 2019 version 16.2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "16.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-08-13T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files. An attacker who successfully exploited the vulnerability could execute code in the context of another local user.\nTo exploit the vulnerability, an authenticated attacker would need to modify Git configuration files on a system prior to a full installation of the application. The attacker would then need to convince another user on the system to execute specific Git commands.\nThe update addresses the issue by changing the permissions required to edit configuration files."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of Privilege",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-29T16:51:07.566Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1211"
            }
          ],
          "title": "Git for Visual Studio Elevation of Privilege Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2019-1211",
        "datePublished": "2019-08-14T20:55:05.000Z",
        "dateReserved": "2018-11-26T00:00:00.000Z",
        "dateUpdated": "2024-08-04T18:13:29.223Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }