What the vulnerability does
01Description
Azure DevOps Server Elevation of Privilege Vulnerability
CVE-2023-36561
HIGH
CVE-2023-36561: Azure DevOps Server Elevation of Privilege Vulnerability
CVSS base score
7.3/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C
Key dates
02Disclosure timeline
October 10, 2023
CVE published
April 14, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-28115 Privilege Escalation in FreeRTOS Kernel ARMv7-M MPU ports and ARMv8-M ports with MPU support enabled
CVE-2025-55196 External Secrets Operator Missing Namespace Restriction in PushSecret and SecretStore List() Calls Allows Unauthorized Secret Access
CVE-2024-30148 HCL Leap is affected by improper access control
CVE-2025-53111 GLPI exposes data to non-allowed users
CVE-2020-16241 Philips SureSigns VS4 Improper Access Control
