Teamcity Security Vulnerabilities
In JetBrains TeamCity before 2020.2.2, XSS was potentially possible on the test history page.
6.1CVSS
6AI Score
0.001EPSS
In JetBrains TeamCity before 2020.2.2, audit logs were not sufficient when an administrator uploaded a file.
2.7CVSS
4.1AI Score
0.001EPSS
In JetBrains TeamCity before 2020.2.2, permission checks for changing TeamCity plugins were implemented improperly.
5.3CVSS
5.4AI Score
0.001EPSS
5.4CVSS
5.2AI Score
0.001EPSS
In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible.
9.8CVSS
9.8AI Score
0.007EPSS
In JetBrains TeamCity before 2020.2.3, information disclosure via SSRF was possible.
7.5CVSS
7.2AI Score
0.002EPSS
In JetBrains TeamCity before 2020.2.3, reflected XSS was possible on several pages.
6.1CVSS
6AI Score
0.001EPSS
In JetBrains TeamCity before 2020.2.3, account takeover was potentially possible during a password reset.
8.8CVSS
8.7AI Score
0.002EPSS
In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during GitHub SSO token exchange.
7.5CVSS
7.6AI Score
0.002EPSS
In JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible.
9.8CVSS
9.6AI Score
0.005EPSS
In JetBrains TeamCity before 2020.2.4, OS command injection leading to remote code execution was possible.
9.8CVSS
9.9AI Score
0.007EPSS
5.4CVSS
5.2AI Score
0.001EPSS
6.1CVSS
5.9AI Score
0.001EPSS
9.8CVSS
9.4AI Score
0.01EPSS
In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made.
7.5CVSS
7.7AI Score
0.001EPSS
In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted properties was used.
5.3CVSS
5.3AI Score
0.001EPSS
In JetBrains TeamCity before 2020.2.4, insufficient checks during file uploading were made.
5.3CVSS
5.3AI Score
0.001EPSS
In JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS.
7.5CVSS
7.4AI Score
0.002EPSS
In JetBrains TeamCity before 2021.1.2, remote code execution via the agent push functionality is possible.
9.8CVSS
9.7AI Score
0.006EPSS
5.3CVSS
5.3AI Score
0.001EPSS
5.3CVSS
5.3AI Score
0.001EPSS
In JetBrains TeamCity before 2021.1, information disclosure via the Docker Registry connection dialog is possible.
7.5CVSS
7.2AI Score
0.002EPSS
In JetBrains TeamCity before 2021.1.2, email notifications could include unescaped HTML for XSS.
6.1CVSS
6.2AI Score
0.001EPSS
5.4CVSS
5.2AI Score
0.001EPSS
In JetBrains TeamCity before 2021.1.2, permission checks in the Create Patch functionality are insufficient.
5.3CVSS
5.2AI Score
0.001EPSS
In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient.
9.8CVSS
9.4AI Score
0.002EPSS
In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project.
5.3CVSS
5.2AI Score
0.001EPSS
In JetBrains TeamCity before 2021.1.3, the X-Frame-Options header is missing in some cases.
9.8CVSS
9.4AI Score
0.002EPSS
In JetBrains TeamCity before 2021.2.1, a redirection to an external site was possible.
6.1CVSS
6.1AI Score
0.001EPSS
In JetBrains TeamCity before 2021.1.4, GitLab authentication impersonation was possible.
9.8CVSS
9.5AI Score
0.002EPSS
In JetBrains TeamCity before 2021.2, a logout action didn't remove a Remember Me cookie.
5.3CVSS
5.2AI Score
0.001EPSS
6.5CVSS
6.4AI Score
0.001EPSS
In JetBrains TeamCity before 2021.2.1, the Agent Push feature allowed selection of any private key on the server.
5.3CVSS
5.3AI Score
0.001EPSS
JetBrains TeamCity before 2021.2 was vulnerable to a Time-of-check/Time-of-use (TOCTOU) race-condition attack in agent registration via XML-RPC.
8.1CVSS
7.9AI Score
0.002EPSS
In JetBrains TeamCity before 2021.2.1, an unauthenticated attacker can cancel running builds via an XML-RPC request to the TeamCity server.
5.3CVSS
5.3AI Score
0.001EPSS
In JetBrains TeamCity before 2021.2, health items of pull requests were shown to users who lacked appropriate permissions.
6.5CVSS
6.4AI Score
0.001EPSS
6.1CVSS
6.2AI Score
0.001EPSS
5.4CVSS
5.4AI Score
0.001EPSS
In JetBrains TeamCity before 2021.2.1, XXE during the parsing of the configuration file was possible.
9.8CVSS
9.4AI Score
0.002EPSS
In JetBrains TeamCity before 2021.2.1, editing a user account to change its password didn't terminate sessions of the edited user.
7.5CVSS
7.5AI Score
0.001EPSS
8.8CVSS
8.8AI Score
0.001EPSS
6.1CVSS
6.2AI Score
0.001EPSS
JetBrains TeamCity before 2021.2.3 was vulnerable to OS command injection in the Agent Push feature configuration.
9.8CVSS
9.7AI Score
0.001EPSS
In JetBrains TeamCity before 2021.2.3, environment variables of the "password" type could be logged in some cases.
7.5CVSS
7.5AI Score
0.002EPSS
In JetBrains TeamCity before 2022.04 reflected XSS on the Build Chain Status page was possible
6.1CVSS
6AI Score
0.001EPSS
In JetBrains TeamCity before 2022.04 leak of secrets in TeamCity agent logs was possible
4.9CVSS
5.1AI Score
0.001EPSS
In JetBrains TeamCity before 2022.04 potential XSS via Referrer header was possible
6.1CVSS
5.9AI Score
0.001EPSS
In JetBrains TeamCity before 2022.04.2 the private SSH key could be written to the build log in some cases
6.5CVSS
6.4AI Score
0.001EPSS
8.8CVSS
8.8AI Score
0.001EPSS
In JetBrains TeamCity before 2022.04.3 the private SSH key could be written to the server log in some cases
5.3CVSS
5.2AI Score
0.001EPSS