Microsoft Security Response Center

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have to click on a specially crafted URL to be compromised by the attacker.

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially crafted server share or website, but would have to convince them to visit the server share or website, typically by way of an enticement in an email or chat message.

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** An attacker who successfully exploits this vulnerability could affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component could be different from the impacted component and are managed by different security authorities.

**How could an attacker exploit this vulnerability?** An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This could allow the attacker to execute code remotely on the client.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

**What type of information could be disclosed by this vulnerability?** An attacker that successfully exploited this vulnerability could recover plaintext passwords and usernames from log files created by the affected CLI commands and published by Azure DevOps and/or GitHub Actions.

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have to click on a specially crafted URL to be compromised by the attacker.

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is values of registry keys the attacker does not have permissions to view.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.