CVE-2021-28459: Azure DevOps Server Spoofing Vulnerability

Overview

Severity

Medium (CVSS 6.1)

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C

Category

Spoofing

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2021-Apr

Released

2021-04-13

EPSS Score

0.82% (percentile: 74.5%)

Affected Products (1)

Developer Tools

• Azure DevOps Server 2020.0.1

Security Updates (1)

• Release Notes

Acknowledgments

Li of <a href="https://sec-consult.com/de/vulnerability-lab/">SEC Consult Deutschland Unternehmensberatung GmbH</a>

Revision History

• 2021-04-13: Information published.