CVE-2020-0758

High

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens,…

microsoft·NVD-CWE-noinfo·Published 2020-03-12

CVSS

7.5

EPSS

0.02

KEV

Exploits

cve.orgen

274 chars

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815.

NVDen

274 chars

NVDes

340 chars

Existe una vulnerabilidad de elevación de privilegios cuando Azure DevOps Server y Team Foundation Services manejan inapropiadamente los tokens de trabajo de canalización (pipeline), también se conoce como "Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability". Este ID de CVE es diferente de CVE-2020-0815.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.0	6.8	6.4	AV:N/AC:M/Au:S/C:P/I:P/A:P
3.1	Primary	NVD	7.5	1.6	5.9	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H