12 matches found
Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity
RCity - CVE-2024-27198 RCE & Admin Account Creation & CVE-20...
Exploit for Path Traversal in Jetbrains Teamcity
RCity - CVE-2024-27198 RCE & Admin Account Creation & CVE-20...
Update now! JetBrains TeamCity vulnerability abused at scale
JetBrains issued a warning on March 4, 2024 about two serious vulnerabilities in TeamCity server. The flaws can be used by a remote, unauthenticated attacker with HTTPS access to a TeamCity on-premises server to bypass authentication checks and gain administrative control of the TeamCity server...
JetBrains TeamCity Path Traversal (CVE-2024-27199)
Binary data teamcitycve-2024-27199.nbin...
Critical JetBrains TeamCity On-Premises Flaws Could Lead to Server Takeovers
A new pair of security vulnerabilities have been disclosed in JetBrains TeamCity On-Premises software that could be exploited by a threat actor to take control of affected systems. The flaws, tracked as CVE-2024-27198 CVSS score: 9.8 and CVE-2024-27199 CVSS score: 7.3, have been addressed in...
TeamCity Server < 2023.11.4 Multiple Vulnerabilities
According to its its self-reported version number, the version of JetBrains TeamCity running on the remote host is a version prior to 2023.11.4. It is, therefore, affected by multiple vulnerabilities: - Authentication bypass allowing to perform admin actions was possible. CVE-2024-27198 - Path...
CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED)
Overview In February 2024, Rapid7’s vulnerability research team identified two new vulnerabilities affecting JetBrains TeamCity CI/CD server: CVE-2024-27198 is an authentication bypass vulnerability in the web component of TeamCity that arises from an alternative path issue CWE-288 and has a CVSS...
CVE-2024-27199
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible Rapid7 Analysis Overview CVE-2024-27199 is an authentication bypass vulnerability in the web component of TeamCity that arises from a path traversal issue CWE-22 and has a CVSS base score ...
CVE-2024-27199
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible...
CVE-2024-27199
creationtimestamp| type| source ---|---|--- 2024-03-04 17:52:32+00:00| seen| https://t.me/ctinow/199405 2024-03-05 04:46:50+00:00| seen| https://t.me/KomunitiSiber/1583 2024-03-05 05:02:25+00:00| seen| Telegram/trGEwAn-mXHp7pkuxQfko9XPGzwWF72duLSxcOH5noXyFw 2024-03-05 05:12:55+00:00| seen|...
CVE-2024-27199
CVE-2024-27199 is a JetBrains TeamCity path traversal vulnerability that could allow limited admin actions on vulnerable TeamCity servers. Affected product: TeamCity server prior to 2023.11.4; underlying issue described as a path traversal/logic flow problem in handling requests. CVSS v3.1 base s...
CVE-2024-27199
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible...