nvd-json-data-feeds/CVE-2019/CVE-2019-12xx/CVE-2019-1211.json

{
  "id": "CVE-2019-1211",
  "sourceIdentifier": "secure@microsoft.com",
  "published": "2019-08-14T21:15:18.347",
  "lastModified": "2020-08-24T17:37:01.140",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses configuration files, aka 'Git for Visual Studio Elevation of Privilege Vulnerability'."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de elevaci\u00f3n de privilegios en Git para Visual Studio, cuando analiza inapropiadamente los archivos de configuraci\u00f3n, tambi\u00e9n se conoce como \"Git for Visual Studio Elevation of Privilege Vulnerability\"."
    }
  ],
  "metrics": {
    "cvssMetricV30": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 7.3,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
          "accessVector": "LOCAL",
          "accessComplexity": "HIGH",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.7
        },
        "baseSeverity": "LOW",
        "exploitabilityScore": 1.9,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA983E6-A2DA-48BB-9874-14CF4B3AAE15"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:15.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6290EF90-AB91-4990-8D44-4F64F49AE133"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:16.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3886D126-9ADC-4AAF-8169-70F3DE3A7773"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE087F4D-F5FC-4286-B559-AE5C0E448D27"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1211",
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    }
  ]
}