Vulnerabilities > Jetbrains > Teamcity > 10.0.1

DATE CVE VULNERABILITY TITLE RISK
2021-05-11 CVE-2021-31906 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.2, audit logs were not sufficient when an administrator uploaded a file.
network
low complexity
jetbrains
2.7
2.7
2021-05-11 CVE-2021-31907 Incorrect Permission Assignment for Critical Resource vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.2, permission checks for changing TeamCity plugins were implemented improperly.
network
low complexity
jetbrains CWE-732
5.3
5.3
2021-05-11 CVE-2021-31908 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.3, stored XSS was possible on several pages.
network
low complexity
jetbrains CWE-79
5.4
5.4
2021-05-11 CVE-2021-31909 Argument Injection or Modification vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible.
network
low complexity
jetbrains CWE-88
critical
 9.8
9.8
2021-05-11 CVE-2021-3315 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.2, stored XSS on a tests page was possible.
network
low complexity
jetbrains CWE-79
5.4
5.4
2021-02-03 CVE-2021-25778 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly.
network
low complexity
jetbrains
5.3
5.3
2021-02-03 CVE-2021-25777 Incorrect Authorization vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly.
network
low complexity
jetbrains CWE-863
5.3
5.3
2021-02-03 CVE-2021-25776 Insecure Storage of Sensitive Information vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters.
network
low complexity
jetbrains CWE-922
7.5
7.5
2021-02-03 CVE-2021-25775 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users.
network
low complexity
jetbrains
3.8
3.8
2021-02-03 CVE-2021-25774 Incorrect Authorization vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user.
network
low complexity
jetbrains CWE-863
4.3
4.3