In JetBrains TeamCity before 2021.2.1, a redirection to an external site was possible.
CVSS: 6.1 | AI Score: 6.1 | EPSS: 0.001
In JetBrains TeamCity before 2021.1.4, GitLab authentication impersonation was possible.
CVSS: 9.8 | AI Score: 9.5 | EPSS: 0.002
In JetBrains TeamCity before 2021.2, a logout action didn't remove a Remember Me cookie.
CVSS: 5.3 | AI Score: 5.2 | EPSS: 0.001
CVSS: 6.5 | AI Score: 6.4 | EPSS: 0.001
In JetBrains TeamCity before 2021.2.1, the Agent Push feature allowed selection of any private key on the server.
CVSS: 5.3 | AI Score: 5.3 | EPSS: 0.001
JetBrains TeamCity before 2021.2 was vulnerable to a Time-of-check/Time-of-use (TOCTOU) race-condition attack in agent registration via XML-RPC.
CVSS: 8.1 | AI Score: 7.9 | EPSS: 0.002
In JetBrains TeamCity before 2021.2.1, an unauthenticated attacker can cancel running builds via an XML-RPC request to the TeamCity server.
CVSS: 5.3 | AI Score: 5.3 | EPSS: 0.001
In JetBrains TeamCity before 2021.2, health items of pull requests were shown to users who lacked appropriate permissions.
CVSS: 6.5 | AI Score: 6.4 | EPSS: 0.001
CVSS: 6.1 | AI Score: 6.2 | EPSS: 0.001
CVSS: 5.4 | AI Score: 5.4 | EPSS: 0.001
In JetBrains TeamCity before 2021.2.1, XXE during the parsing of the configuration file was possible.
CVSS: 9.8 | AI Score: 9.4 | EPSS: 0.002
In JetBrains TeamCity before 2021.2.1, editing a user account to change its password didn't terminate sessions of the edited user.
CVSS: 7.5 | AI Score: 7.5 | EPSS: 0.001
CVSS: 8.8 | AI Score: 8.8 | EPSS: 0.001
CVSS: 6.1 | AI Score: 6.2 | EPSS: 0.001
JetBrains TeamCity before 2021.2.3 was vulnerable to OS command injection in the Agent Push feature configuration.
CVSS: 9.8 | AI Score: 9.7 | EPSS: 0.001
In JetBrains TeamCity before 2021.2.3, environment variables of the "password" type could be logged in some cases.
CVSS: 7.5 | AI Score: 7.5 | EPSS: 0.002