CVE-2020-1343
MEDIUMVisual Studio Live Share - Cleartext Transmission of Sensitive Information via Token Exposure
Title source: llmDescription
An information disclosure vulnerability exists in Visual Studio Code Live Share Extension when it exposes tokens in plain text, aka 'Visual Studio Code Live Share Information Disclosure Vulnerability'.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1343
Scores
CVSS v3
5.9
EPSS
0.0283
EPSS Percentile
84.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-319
Status
published
Products (1)
microsoft/visual_studio_live_share
Published
Jun 09, 2020
Tracked Since
Feb 18, 2026