Vulnerabilities > Jetbrains > Teamcity > 2018.2

DATE CVE VULNERABILITY TITLE RISK
2024-03-28 CVE-2024-31140 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.03 server administrators could remove arbitrary files from the server by installing tools
network
low complexity
jetbrains
4.9
4.9
2024-03-21 CVE-2024-29880 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11 users with access to the agent machine might obtain permissions of the user running the agent process
local
low complexity
jetbrains
7.8
7.8
2024-03-06 CVE-2024-28174 Incorrect Authorization vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage plugin were authorized improperly
network
low complexity
jetbrains CWE-863
5.8
5.8
2024-03-04 CVE-2024-27198 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
network
low complexity
jetbrains
critical
 9.8
9.8
2024-03-04 CVE-2024-27199 Path Traversal vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
network
low complexity
jetbrains CWE-22
7.3
7.3
2024-02-06 CVE-2024-23917 Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible
network
low complexity
jetbrains CWE-306
critical
 9.8
9.8
2024-02-06 CVE-2024-24936 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed
network
low complexity
jetbrains
5.3
5.3
2024-02-06 CVE-2024-24937 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible
network
low complexity
jetbrains CWE-79
5.4
5.4
2024-02-06 CVE-2024-24938 Path Traversal vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation
network
low complexity
jetbrains CWE-22
5.3
5.3
2024-02-06 CVE-2024-24942 Path Traversal vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives
network
low complexity
jetbrains CWE-22
5.3
5.3