The Microsoft Visual Studio Products are missing security updates. It is, therefore, affected by multiple vulnerabilities:
– An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2022-24513)
– An information disclosure vulnerability exists in Visual Studio. An unauthenticated, remote attacker can exploit this to disclose potentially sensitive information. (CVE-2022-30184)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.Read More