{"@odata.context":"https://api.msrc.microsoft.com/sug/v2.0/sugodata/v2.0/en-US/$metadata#vulnerability/$entity","id":"00000000-0000-0000-0000-0000191699e9","releaseDate":"2021-05-11T07:00:00Z","cveNumber":"CVE-2021-31211","cveTitle":"Visual Studio Code Remote Code Execution Vulnerability","releaseNumber":"2021-May","vulnType":"Security Vulnerability","latestRevisionDate":"2021-05-11T07:00:00Z","cweList":[],"cweDetailsListForSearch":[],"mitreText":"CVE-2021-31211","mitreUrl":"https://www.cve.org/CVERecord?id=CVE-2021-31211","publiclyDisclosed":"No","exploited":"No","latestSoftwareReleaseId":2,"latestSoftwareRelease":"Exploitation Less Likely","olderSoftwareReleaseId":2,"olderSoftwareRelease":"Exploitation Less Likely","denialOfService":"N/A","tag":"Visual Studio Code","issuingCna":"Microsoft","issuingCnaId":0,"severityId":100000001,"severity":"Important","impactId":100000005,"impact":"Remote Code Execution","langCode":"en-US","baseScore":"7.8","temporalScore":"6.8","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C","isMariner":false,"customerActionRequired":true,"customerActionRequiredId":0,"cweDetailsList":[],"articles":[{"articleType":"FAQ","description":"<p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p>\n<p>The user would have be enticed to open a malicious file in a directory. Users should never open anything that they do not know or trust to be safe.</p>\n","ordinal":10000},{"articleType":"FAQ","description":"<p><strong>How do I know if I am affected by this vulnerability?</strong></p>\n<p>Customers running any Visual Studio Code Remote extensions (for example: Visual Studio Code Remote - SSH, Visual Studio Code Remote - Containers, or Visual Studio Code Remote - WSL extensions) are affected by this vulnerability. The fix for the vulnerability is in Visual Studio Code and not in the extensions. Customers running a Visual Studio Code Remote extension need to update Visual Studio Code to be protected from this vulnerability.</p>\n","ordinal":10000}],"revisions":[{"cveNumber":"CVE-2021-31211","version":1,"revisionDate":"2021-05-11T07:00:00Z","initialDate":"0001-01-01T00:00:00Z","description":"<p>Information published.</p>\n","unformattedDescription":"Information published.","notificationNeeded":false,"notificationSent":false,"sourceId":"fb329b5a-aaa7-eb11-a83e-000d3a6d3364"}]}