Jetbrains: >> Teamcity >> 2019.1.4 Security Vulnerabilities
In JetBrains TeamCity before 2023.11 users with access to the agent machine might obtain permissions of the user running the agent process
CVSS Score
4.2
EPSS Score
0.0
Published
2024-03-21
In JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage plugin were authorized improperly
CVSS Score
5.8
EPSS Score
0.0
Published
2024-03-06
CVE-2024-27198
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
Known exploited
CVSS Score
9.8
EPSS Score
0.946
Published
2024-03-04
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
CVSS Score
7.3
EPSS Score
0.945
Published
2024-03-04
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives
CVSS Score
5.3
EPSS Score
0.001
Published
2024-02-06
In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation
CVSS Score
5.3
EPSS Score
0.0
Published
2024-02-06
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible
CVSS Score
9.8
EPSS Score
0.944
Published
2024-02-06
In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed
CVSS Score
4.3
EPSS Score
0.0
Published
2024-02-06
In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible
CVSS Score
4.6
EPSS Score
0.237
Published
2024-02-06
In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible
CVSS Score
4.3
EPSS Score
0.0
Published
2023-12-15