CVE-2020-1416

8.8HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Visual Studio 2019 Version 16.6 (includes 16.0 - 16.5); Visual Studio Code; Microsoft Visual Studio 2017 Version 15.9 (includes 15.0 - 15.8); Microsoft Visual Studio 2019
Vendor: CVE Published:; 14 July 2020

Summary

An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka 'Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability'.

Affected Version(s)

Azure Storage Explorer = unspecified

Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) = unspecified

Microsoft Visual Studio 2019 16.0

References

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 14, 2020
Vulnerability Reserved
Nov 4, 2019

Collectors

NVD DatabaseMitre Database