{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T14:55:48.251","vulnerabilities":[{"cve":{"id":"CVE-2019-0971","sourceIdentifier":"secure@microsoft.com","published":"2019-05-16T19:29:04.770","lastModified":"2024-11-21T04:17:35.683","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka 'Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability'."},{"lang":"es","value":"Existe una vulnerabilidad de revelación de información cuando Azure DevOps Server y Microsoft Team Foundation Server no  hacen un saneamiento adecuado para una solicitud de autenticación especialmente creada para un servidor afectado, también se conoce como 'Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability'."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-116"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:team_foundation_server:2018:3.2:*:*:*:*:*:*","matchCriteriaId":"5296DF6D-D32A-4D70-9A32-441750704C9A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:azure_devops_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"ADD056B7-6557-45DE-AB88-A9EE4A572ADA"}]}]}],"references":[{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0971","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0971","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}