{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T14:59:13.290","vulnerabilities":[{"cve":{"id":"CVE-2019-1077","sourceIdentifier":"secure@microsoft.com","published":"2019-07-15T19:15:17.530","lastModified":"2024-11-21T04:35:58.187","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An elevation of privilege vulnerability exists when the Visual Studio updater service improperly handles file permissions, aka 'Visual Studio Elevation of Privilege Vulnerability'."},{"lang":"es","value":"Existe una vulnerabilidad de elevación de privilegios cuando el servicio de actualización de Visual Studio maneja inapropiadamente los permisos de archivo, también se conoce como \"Visual Studio Elevation of Privilege Vulnerability\"."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.3,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:C/A:C","baseScore":6.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":9.2,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2017:15.9:*:*:*:*:*:*:*","matchCriteriaId":"6290EF90-AB91-4990-8D44-4F64F49AE133"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2019:16.0:*:*:*:*:*:*:*","matchCriteriaId":"3886D126-9ADC-4AAF-8169-70F3DE3A7773"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2019:16.1:*:*:*:*:*:*:*","matchCriteriaId":"2E7095AD-D5B8-4E98-8F8E-60B193CEFB5A"}]}]}],"references":[{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1077","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1077","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}