{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T11:32:45.692","vulnerabilities":[{"cve":{"id":"CVE-2019-0857","sourceIdentifier":"secure@microsoft.com","published":"2019-04-09T21:29:02.427","lastModified":"2024-11-21T04:17:23.630","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A spoofing vulnerability that could allow a security feature bypass exists in when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Spoofing Vulnerability'."},{"lang":"es","value":"Una vulnerabilidad de suplantación podría permitir la omisión de una característica de seguridad cuando Azure DevOps Server no sanea correctamente la entrada proporcionada por el usuario, también se conoce como \"Azure DevOps Server Spoofing Vulnerability\"."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-116"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:azure_devops_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"ADD056B7-6557-45DE-AB88-A9EE4A572ADA"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/107760","source":"secure@microsoft.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0857","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/107760","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0857","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}