Security News > 2024 > March > Critical JetBrains TeamCity On-Premises Flaws Could Lead to Server Takeovers

Critical JetBrains TeamCity On-Premises Flaws Could Lead to Server Takeovers
2024-03-05 03:34

A new pair of security vulnerabilities have been disclosed in JetBrains TeamCity On-Premises software that could be exploited by a threat actor to take control of affected systems. The flaws, tracked as CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score: 7.3), have been addressed in version 2023.11.4. They impact all TeamCity On-Premises versions through 2023.11.3. “The


News URL

https://thehackernews.com/2024/03/critical-jetbrains-teamcity-on-premises.html

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-03-04 CVE-2024-27199 Path Traversal vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
network
low complexity
jetbrains CWE-22
7.3
7.3
2024-03-04 CVE-2024-27198 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
network
low complexity
jetbrains
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Jetbrains 32 16 243 123 46 428