We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Fathom (Privacy friendly web analytics)
Zendesk (Helpdesk and Chat)

Ok

Home | EN
Support
CVE

PUBLISHED

CVE-2024-20667

Azure DevOps Server Remote Code Execution Vulnerability

Assigner	microsoft
Reserved	2023-11-28
Published	2024-02-13
Updated	2024-07-19

Description

Azure DevOps Server Remote Code Execution Vulnerability

HIGH: 7.5

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Problem types

CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

Product status

20231128.1 before 20240126.4

affected

1.0.0 before 20240126.6

affected

2020.1.0 before 20240126.2

affected

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20667 (Azure DevOps Server Remote Code Execution Vulnerability) vendor-advisory

cve.org CVE-2024-20667

nvd.nist.gov CVE-2024-20667

Download JSON

https://cve.threatint.com/CVE/CVE-2024-20667

Find us on

Data Privacy
Terms of Use

© Copyright 2024 THREATINT. Made in Cyprus with ❤ + ☼