Lucene search
JetBrainsCVELIST:CVE-2024-31138HistoryMar 28, 2024 - 3:07 p.m.
CVE-2024-31138
2024-03-2815:07:17
JetBrains
www.cve.org
1
cve-2024-31138
xss
jetbrains teamcity
agent distribution settings
4.6 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
5.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.1%
In JetBrains TeamCity before 2024.03 xSS was possible via Agent Distribution settings
CNA Affected
[
{
"vendor": "JetBrains",
"product": "TeamCity",
"versions": [
{
"version": "0",
"status": "affected",
"lessThan": "2024.03",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]
4.6 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
5.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.1%
Related for CVELIST:CVE-2024-31138