Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Team Foundation Server 2012 by Microsoft

    CVE-2019-1072 (GCVE-0-2019-1072)

    Vulnerability from nvd – Published: 2019-07-15 18:56 – Updated: 2024-08-04 18:06
    VLAI
    Summary
    A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability'.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:06:31.541Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1072"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Team Foundation Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "Update 4"
                }
              ]
            },
            {
              "product": "Team Foundation Server 2013 Update 5",
              "vendor": "Microsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "unspecified"
                }
              ]
            },
            {
              "product": "Team Foundation Server 2018",
              "vendor": "Microsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "Update 1.2"
                },
                {
                  "status": "affected",
                  "version": "Update 3.2"
                }
              ]
            },
            {
              "product": "Team Foundation Server",
              "vendor": "Microsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "2017 Update 3.1"
                }
              ]
            },
            {
              "product": "Team Foundation Server 2015",
              "vendor": "Microsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "Update 4.2"
                }
              ]
            },
            {
              "product": "Azure DevOps Server",
              "vendor": "Microsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "2019.0.1"
                }
              ]
            },
            {
              "product": "Team Foundation Server 2010",
              "vendor": "Microsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "SP1 (x86)"
                },
                {
                  "status": "affected",
                  "version": "SP1 (x64)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka \u0027Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability\u0027."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-07-15T18:56:20.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1072"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "ID": "CVE-2019-1072",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Team Foundation Server 2012",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Update 4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Team Foundation Server 2013 Update 5",
                          "version": {
                            "version_data": [
                              {
                                "version_value": ""
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Team Foundation Server 2018",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Update 1.2"
                              },
                              {
                                "version_value": "Update 3.2"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Team Foundation Server",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2017 Update 3.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Team Foundation Server 2015",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Update 4.2"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Azure DevOps Server",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2019.0.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Team Foundation Server 2010",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "SP1 (x86)"
                              },
                              {
                                "version_value": "SP1 (x64)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka \u0027Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability\u0027."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1072",
                  "refsource": "MISC",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1072"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2019-1072",
        "datePublished": "2019-07-15T18:56:20.000Z",
        "dateReserved": "2018-11-26T00:00:00.000Z",
        "dateUpdated": "2024-08-04T18:06:31.541Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-1072 (GCVE-0-2019-1072)

    Vulnerability from cvelistv5 – Published: 2019-07-15 18:56 – Updated: 2024-08-04 18:06
    VLAI
    Summary
    A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability'.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:06:31.541Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1072"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Team Foundation Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "Update 4"
                }
              ]
            },
            {
              "product": "Team Foundation Server 2013 Update 5",
              "vendor": "Microsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "unspecified"
                }
              ]
            },
            {
              "product": "Team Foundation Server 2018",
              "vendor": "Microsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "Update 1.2"
                },
                {
                  "status": "affected",
                  "version": "Update 3.2"
                }
              ]
            },
            {
              "product": "Team Foundation Server",
              "vendor": "Microsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "2017 Update 3.1"
                }
              ]
            },
            {
              "product": "Team Foundation Server 2015",
              "vendor": "Microsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "Update 4.2"
                }
              ]
            },
            {
              "product": "Azure DevOps Server",
              "vendor": "Microsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "2019.0.1"
                }
              ]
            },
            {
              "product": "Team Foundation Server 2010",
              "vendor": "Microsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "SP1 (x86)"
                },
                {
                  "status": "affected",
                  "version": "SP1 (x64)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka \u0027Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability\u0027."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-07-15T18:56:20.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1072"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "ID": "CVE-2019-1072",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Team Foundation Server 2012",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Update 4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Team Foundation Server 2013 Update 5",
                          "version": {
                            "version_data": [
                              {
                                "version_value": ""
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Team Foundation Server 2018",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Update 1.2"
                              },
                              {
                                "version_value": "Update 3.2"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Team Foundation Server",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2017 Update 3.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Team Foundation Server 2015",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Update 4.2"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Azure DevOps Server",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2019.0.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Team Foundation Server 2010",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "SP1 (x86)"
                              },
                              {
                                "version_value": "SP1 (x64)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka \u0027Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability\u0027."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1072",
                  "refsource": "MISC",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1072"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2019-1072",
        "datePublished": "2019-07-15T18:56:20.000Z",
        "dateReserved": "2018-11-26T00:00:00.000Z",
        "dateUpdated": "2024-08-04T18:06:31.541Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }