Critical JetBrains TeamCity On-Premises Flaws Could Lead to Server Takeovers

2024-03-05 03:34

A new pair of security vulnerabilities have been disclosed in JetBrains TeamCity On-Premises software that could be exploited by a threat actor to take control of affected systems. The flaws, tracked as CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score: 7.3), have been addressed in version 2023.11.4. They impact all TeamCity On-Premises versions through 2023.11.3. “The

News URL

https://thehackernews.com/2024/03/critical-jetbrains-teamcity-on-premises.html

#critical #server #takeover #CVE-2024-27199 #CVE-2024-27198

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2024-03-04	CVE-2024-27199	In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible	0.0
2024-03-04	CVE-2024-27198	Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible network low complexity jetbrains critical	9.8

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Jetbrains		28	28	244	51	15	338

News URL

Related news

Related Vulnerability

Related vendor