CVE-2020-0758

EUVD-2020-2247
An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
Affected Products (NVD)
VendorProductVersion
microsoftazure_devops_server
2019.0.1
𝑥
= Vulnerable software versions
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0758
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0758