VDB

CVE-2024-20667

CVE-2024-20667 PUBLISHED

Es bestehen mehrere Schwachstellen in den Developer Tools. Diese Fehler bestehen in den Anwendungen Microsoft ASP.NET, Microsoft Azure DevOps Server und Microsoft Visual Studio 2022. Diese Fehler sind noch nicht im Detail beschrieben. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen oder einen Denial-of-Service-Zustand zu verursachen.

EPSS 0.31% · 54.9th percentile

Risk Scores

EPSS Score
0.31%
54.9th percentile

Affected Products

VendorProductVersions
MicrosoftMicrosoft Azure DevOps Server 2022.1
MicrosoftMicrosoft Azure DevOps Server 2019.1.2
Red HatRed Hat Enterprise Linux
MicrosoftMicrosoft Visual Studio 2022 version 17.8
MicrosoftMicrosoft Azure Active Directory B2C
MicrosoftMicrosoft Azure DevOps Server 2020.1.2
MicrosoftMicrosoft Visual Studio 2022 version 17.4
MicrosoftMicrosoft Azure Connected Machine Agent
OracleOracle Linux
MicrosoftMicrosoft Azure Stack Hub
RESFRESF Rocky Linux
MicrosoftMicrosoft ASP.NET Core 6.0
MicrosoftMicrosoft ASP.NET Core 7.0
MicrosoftMicrosoft ASP.NET Core 8.0
MicrosoftMicrosoft Azure File Sync v17.0
MicrosoftMicrosoft Azure File Sync v15.0
MicrosoftMicrosoft Azure File Sync v14.0
MicrosoftMicrosoft Azure Site Recovery
MicrosoftMicrosoft Azure Kubernetes Service Confidential Containers
MicrosoftMicrosoft Azure File Sync v16.0

…and 1 more

Timeline

  • Feb 13, 2024 CVE Published
  • Feb 13, 2024 PoC Published
  • Feb 14, 2024 EPSS Score
  • Mar 12, 2024 EPSS Score
  • Apr 8, 2024 EPSS Score
  • Jun 1, 2024 EPSS Score
  • Jun 28, 2024 EPSS Score
  • Jul 25, 2024 EPSS Score
  • Aug 21, 2024 EPSS Score
  • Sep 18, 2024 EPSS Score
  • Oct 4, 2024 Coalition ESS Score
  • Nov 11, 2024 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›