{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T12:45:20.401","vulnerabilities":[{"cve":{"id":"CVE-2019-1425","sourceIdentifier":"secure@microsoft.com","published":"2019-11-12T19:15:14.503","lastModified":"2024-11-21T04:36:40.547","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An elevation of privilege vulnerability exists when Visual Studio fails to properly validate hardlinks while extracting archived files, aka 'Visual Studio Elevation of Privilege Vulnerability'."},{"lang":"es","value":"Se presenta una vulnerabilidad de elevación de privilegios cuando Visual Studio no es capaz de comprobar apropiadamente los enlaces físicos mientras extrae los archivos registrados, también se conoce como \"Visual Studio Elevation of Privilege Vulnerability\"."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:P","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2017:15.9:*:*:*:*:*:*:*","matchCriteriaId":"6290EF90-AB91-4990-8D44-4F64F49AE133"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2019:16.0:*:*:*:*:*:*:*","matchCriteriaId":"3886D126-9ADC-4AAF-8169-70F3DE3A7773"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2019:16.3:*:*:*:*:*:*:*","matchCriteriaId":"CAFA5034-FD50-4DAB-B676-39FB188AC3EE"}]}]}],"references":[{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1425","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1425","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}