Vulnerabilities > Jetbrains > Teamcity > 2022.10
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-08 | CVE-2022-46830 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Teamcity 2022.10 In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning. | 5.3 |
2022-12-08 | CVE-2022-46831 | Insecure Default Initialization of Resource vulnerability in Jetbrains Teamcity 2022.10 In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators. | 4.9 |