Jetbrains: >> Teamcity >> 2018.2.4 Security Vulnerabilities
An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could execute any command on the server machine. The issue was fixed in TeamCity 2018.2.5 and 2019.1.
CVSS Score
7.2
EPSS Score
0.0
Published
2019-10-02
An issue was discovered in JetBrains TeamCity 2018.2.4. It had several XSS vulnerabilities on the settings pages. The issues were fixed in TeamCity 2019.1.
CVSS Score
6.1
EPSS Score
0.0
Published
2019-10-02
In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands.
CVSS Score
9.8
EPSS Score
0.0
Published
2019-10-02
An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could get access to potentially confidential server-level data. The issue was fixed in TeamCity 2018.2.5 and 2019.1.
CVSS Score
4.9
EPSS Score
0.0
Published
2019-10-01
An issue was discovered in JetBrains TeamCity 2018.2.4. It had no SSL certificate validation for some external https connections. This was fixed in TeamCity 2019.1.
CVSS Score
7.5
EPSS Score
0.0
Published
2019-10-01
An issue was discovered in JetBrains TeamCity 2018.2.4. The TeamCity server was not using some security-related HTTP headers. The issue was fixed in TeamCity 2019.1.
CVSS Score
7.5
EPSS Score
0.0
Published
2019-10-01
An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possible remote code execution issue. This was fixed in TeamCity 2019.1.
CVSS Score
9.8
EPSS Score
0.002
Published
2019-10-01
Page 21