Lucene search
JetBrainsCVELIST:CVE-2023-39173HistoryJul 25, 2023 - 2:45 p.m.
CVE-2023-39173
2023-07-2514:45:43
JetBrains
www.cve.org
jetbrains
teamcity
token
vulnerability
account access
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
25.0%
In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account access
CNA Affected
[
{
"vendor": "JetBrains",
"product": "TeamCity",
"versions": [
{
"version": "0",
"status": "affected",
"lessThan": "2023.05.2",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]Related
prion
prion
Design/Logic Flaw
2023-07-25 15:15:00
cnvd
cnvd
JetBrains TeamCity elevation of privilege vulnerability (CNVD-2023-62626)
2023-07-30 00:00:00
nvd
nvd
CVE-2023-39173
2023-07-25 15:15:13
cve
cve
CVE-2023-39173
2023-07-25 15:15:13
nessus
nessus
TeamCity Server < 2023.05.2 Multiple Vulnerabilities
2023-09-29 00:00:00
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
25.0%
Related for CVELIST:CVE-2023-39173