Vulnerabilities > CVE-2022-46831 - Insecure Default Initialization of Resource vulnerability in Jetbrains Teamcity 2022.10/2022.10.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |