Show plain JSON{"id": "CVE-2020-0900", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2020-04-15T15:15:14.557", "references": [{"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0900", "tags": ["Patch", "Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0900", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "An elevation of privilege vulnerability exists when the Visual Studio Extension Installer Service improperly handles file operations, aka 'Visual Studio Extension Installer Service Elevation of Privilege Vulnerability'."}, {"lang": "es", "value": "Hay una vulnerabilidad de elevaci\u00f3n de privilegios cuando el Visual Studio Extension Installer Service maneja inapropiadamente operaciones de archivos, tambi\u00e9n se conoce como \"Visual Studio Extension Installer Service Elevation of Privilege Vulnerability\"."}], "lastModified": "2024-11-21T04:54:25.643", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:visual_studio_2015:update_3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C58C82C-6F98-47B2-8801-8D04D4C5CF7D"}, {"criteria": "cpe:2.3:a:microsoft:visual_studio_2017:15.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6290EF90-AB91-4990-8D44-4F64F49AE133"}, {"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:16.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3886D126-9ADC-4AAF-8169-70F3DE3A7773"}, {"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:16.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E904F8BF-C415-43BC-89BD-8AD912BEA82A"}, {"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:16.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CCC238C-4305-433B-BC0F-8C537C4A963C"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"} 