Unsecured Communication in Team Foundation Server Allows Remote Code Execution

Unsecured Communication in Team Foundation Server Allows Remote Code Execution

CVE-2018-8529 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

A remote code execution vulnerability exists when Team Foundation Server (TFS) does not enable basic authorization on the communication between the TFS and Search services, aka "Team Foundation Server Remote Code Execution Vulnerability." This affects Team.

Learn more about our Cis Benchmark Audit For Server Software.