CVE-2024-27199

🗓️ 04 Mar 2024 17:21:40Reported by JetBrainsType

cve🔗 web.nvd.nist.gov📰️ 9 Media mentions👁 249 Views🌐 WEB

JetBrains TeamCity before 2023.11.4 path traversal issu

Reporter	Title	Published	Views	Family All 51
GithubExploit	Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity	8 Mar 202412:40	–	githubexploit
GithubExploit	Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity	9 Mar 202404:04	–	githubexploit
GithubExploit	Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity	18 Oct 202516:45	–	githubexploit
GithubExploit	Exploit for CVE-2024-30851	4 Apr 202422:59	–	githubexploit
GithubExploit	Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity	6 Mar 202403:15	–	githubexploit
GithubExploit	Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity	5 Mar 202405:43	–	githubexploit
GithubExploit	Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity	7 Mar 202415:12	–	githubexploit
GithubExploit	Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity	22 Apr 202422:14	–	githubexploit
GithubExploit	Exploit for Path Traversal in Jetbrains Teamcity	22 Apr 202422:14	–	githubexploit
GithubExploit	Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity	16 Aug 202405:39	–	githubexploit

NVD

Node

jetbrains teamcityRange<2023.11.4

[
  {
    "vendor": "JetBrains",
    "product": "TeamCity",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThan": "2023.11.4",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
darkreading	www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive
jetbrains	www.jetbrains.com/privacy-security/issues-fixed/
github	www.github.com/Stuub/RCity-CVE-2024-27198/blob/main/RCity.py
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog

Parameter	Position	Path	Description	CWE
id:1	path	app/rest/users/id:1/tokens	Create an authentication token via REST to enable further privileged actions.	CWE-22, CWE-23
tokens	path	app/rest/users/id:1/tokens	Create an authentication token via REST to enable further privileged actions.	CWE-22, CWE-23
fileName	path	admin/pluginUpload.html	Upload a malicious plugin via pluginUpload endpoint to achieve code execution.	CWE-22, CWE-23
file:fileToUpload	path	admin/pluginUpload.html	Upload a malicious plugin via pluginUpload endpoint to achieve code execution.	CWE-22, CWE-23
action	path	admin/plugins.html	Enable/load uploaded plugin through admin plugins interface.	CWE-22, CWE-23
plugins	path	admin/plugins.html	Enable/load uploaded plugin through admin plugins interface.	CWE-22, CWE-23
accessTokenName	path	admin/accessTokens.html	Delete authentication tokens via admin accessTokens endpoint.	CWE-22, CWE-23
delete	path	admin/accessTokens.html	Delete authentication tokens via admin accessTokens endpoint.	CWE-22, CWE-23
userId	path	admin/accessTokens.html	Delete authentication tokens via admin accessTokens endpoint.	CWE-22, CWE-23
plugin_name	path	plugins/{plugin_name}.jsp	Trigger payload execution by accessing the plugin JSP or initiated JSP resource.	CWE-22, CWE-23

17 Jun 2026 07:19Current

8.3High risk

Vulners AI Score8.3

CVSS 3.17.3

EPSS0.99991

SSVC

cve-2024-27199 jetbrains teamcity path traversal admin actions nvd