Vulnerabilities > Jetbrains > Teamcity

DATE CVE VULNERABILITY TITLE RISK
2021-11-09 CVE-2021-43201 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project.
network
low complexity
jetbrains
5.3
5.3
2021-08-06 CVE-2021-37542 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.3, XSS was possible.
network
low complexity
jetbrains CWE-79
6.1
6.1
2021-08-06 CVE-2021-37544 Deserialization of Untrusted Data vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization.
network
low complexity
jetbrains CWE-502
critical
 9.8
9.8
2021-08-06 CVE-2021-37545 Improper Authentication vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made.
network
low complexity
jetbrains CWE-287
7.5
7.5
2021-08-06 CVE-2021-37546 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted properties was used.
network
low complexity
jetbrains CWE-327
5.3
5.3
2021-08-06 CVE-2021-37547 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.4, insufficient checks during file uploading were made.
network
low complexity
jetbrains
5.3
5.3
2021-08-06 CVE-2021-37548 Cleartext Storage of Sensitive Information vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS.
network
low complexity
jetbrains CWE-312
7.5
7.5
2021-05-11 CVE-2021-31910 Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.3, information disclosure via SSRF was possible.
network
low complexity
jetbrains CWE-918
7.5
7.5
2021-05-11 CVE-2021-31911 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.3, reflected XSS was possible on several pages.
network
low complexity
jetbrains CWE-79
6.1
6.1
2021-05-11 CVE-2021-31912 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.3, account takeover was potentially possible during a password reset.
network
low complexity
jetbrains CWE-640
8.8
8.8