Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Azure DevOps Server | affected |
|
||||||
| Microsoft | Azure DevOps Server 2020.1.2 | affected |
|
||||||
| Microsoft | Azure DevOps Server 2022.0.1 | affected |
|
||||||
| Microsoft | Azure DevOps Server 2019.0.1 | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2023-40789 | Azure DevOps Server Spoofing Vulnerability |
Wed, 25 Feb 2026 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:o:microsoft:azure_devops_server:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:azure_devops_server:*:-:*:*:*:*:*:* |
Tue, 15 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Thu, 02 Jan 2025 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 01 Jan 2025 02:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:o:microsoft:azure_devops_server:2020:-:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: microsoft
Published:
Updated: 2025-01-01T01:59:07.427Z
Reserved: 2023-06-27T20:26:38.144Z
Link: CVE-2023-36869
Vulnrichment
Updated: 2024-08-02T17:01:09.841Z
NVD
Status : Modified
Published: 2023-08-08T18:15:14.613
Modified: 2024-11-21T08:10:48.833
Link: CVE-2023-36869
Redhat
No data.
OpenCVE Enrichment
No data.