Vulnerabilities > CVE-2020-35667 - Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Teamcity

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

jetbrains

CWE-918

NVD

Published: 2021-02-03

Updated: 2021-02-05

Summary

JetBrains TeamCity Plugin before 2020.2.85695 SSRF. Vulnerability that could potentially expose user credentials.

Vulnerable Configurations

Part	Description	Count
Application	Jetbrains Jetbrains Teamcity - Jetbrains Teamcity 2.0 Jetbrains Teamcity 2.1 Jetbrains Teamcity 3.0 Jetbrains Teamcity 3.1 Jetbrains Teamcity 4.0 Jetbrains Teamcity 4.0.1 Jetbrains Teamcity 4.0.2 Jetbrains Teamcity 4.5 Jetbrains Teamcity 5.0 Jetbrains Teamcity 5.1 Jetbrains Teamcity 6.0 Jetbrains Teamcity 6.5 Jetbrains Teamcity 7.0 Jetbrains Teamcity 7.1 Jetbrains Teamcity 8.0 Jetbrains Teamcity 8.0.1 Jetbrains Teamcity 8.0.2 Jetbrains Teamcity 8.0.3 Jetbrains Teamcity 8.0.4 Jetbrains Teamcity 8.0.5 Jetbrains Teamcity 8.0.6 Jetbrains Teamcity 8.1 Jetbrains Teamcity 8.1.1 Jetbrains Teamcity 8.1.2 Jetbrains Teamcity 8.1.3 Jetbrains Teamcity 8.1.4 Jetbrains Teamcity 8.1.5 Jetbrains Teamcity 9.0 Jetbrains Teamcity 9.0.1 Jetbrains Teamcity 9.0.2 Jetbrains Teamcity 9.0.3 Jetbrains Teamcity 9.0.4 Jetbrains Teamcity 9.0.5 Jetbrains Teamcity 9.1 Jetbrains Teamcity 9.1.1 Jetbrains Teamcity 9.1.2 Jetbrains Teamcity 9.1.3 Jetbrains Teamcity 9.1.4 Jetbrains Teamcity 9.1.5 Jetbrains Teamcity 9.1.6 Jetbrains Teamcity 9.1.7 Jetbrains Teamcity 10.0 Jetbrains Teamcity 10.0.1 Jetbrains Teamcity 10.0.2 Jetbrains Teamcity 10.0.3 Jetbrains Teamcity 10.0.4 Jetbrains Teamcity 10.0.5 Jetbrains Teamcity 2017.1 Jetbrains Teamcity 2017.1.1 Jetbrains Teamcity 2017.1.2 Jetbrains Teamcity 2017.1.3 Jetbrains Teamcity 2017.1.4 Jetbrains Teamcity 2017.1.5 Jetbrains Teamcity 2017.2 Jetbrains Teamcity 2017.2.1 Jetbrains Teamcity 2017.2.2 Jetbrains Teamcity 2017.2.3 Jetbrains Teamcity 2017.2.4 Jetbrains Teamcity 2018.1 Jetbrains Teamcity 2018.1.1 Jetbrains Teamcity 2018.1.2 Jetbrains Teamcity 2018.1.3 Jetbrains Teamcity 2018.1.4 Jetbrains Teamcity 2018.1.5 Jetbrains Teamcity 2018.2 Jetbrains Teamcity 2018.2.1 Jetbrains Teamcity 2018.2.2 Jetbrains Teamcity 2018.2.3 Jetbrains Teamcity 2018.2.4 Jetbrains Teamcity 2018.2.5 Jetbrains Teamcity 2019.1 Jetbrains Teamcity 2019.1.1 Jetbrains Teamcity 2019.1.2 Jetbrains Teamcity 2019.1.3 Jetbrains Teamcity 2019.1.4 Jetbrains Teamcity 2019.1.5 Jetbrains Teamcity 2019.2.0 Jetbrains Teamcity 2019.2.1 Jetbrains Teamcity 2019.2.2 Jetbrains Teamcity 2019.2.3 Jetbrains Teamcity 2020.1 Jetbrains Teamcity 2020.1.1 Jetbrains Teamcity 2020.1.2 Jetbrains Teamcity 2020.1.3 Jetbrains Teamcity 2020.1.4 Jetbrains Teamcity 2020.1.5 Jetbrains Teamcity 2020.2 Jetbrains Teamcity 2020.2.1 Jetbrains Teamcity 2020.2.2 Jetbrains Teamcity 2020.2.3	94

Common Weakness Enumeration (CWE)

CWE-918 - Server-Side Request Forgery (SSRF)

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References