THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2024-20667

Azure DevOps Server Remote Code Execution Vulnerability

Reserved:2023-11-28
Published:2024-02-13
Updated:2024-06-11

Description

Azure DevOps Server Remote Code Execution Vulnerability



HIGH: 7.5CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Problem types

CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

Product status

20231128.1 before 20240126.4
affected

1.0.0 before 20240126.6
affected

2020.1.0 before 20240126.2
affected

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20667 (Azure DevOps Server Remote Code Execution Vulnerability) vendor-advisory

cve.org CVE-2024-20667

nvd.nist.gov CVE-2024-20667

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-20667