Azure DevOps Server and Team Foundation Server Authentication Request Information Disclosure Vulnerability

Azure DevOps Server and Team Foundation Server Authentication Request Information Disclosure Vulnerability

CVE-2019-0971 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka 'Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability'.

Learn more about our Azure Audit.