Vulnerabilities > Jetbrains > Teamcity

DATE CVE VULNERABILITY TITLE RISK
2020-11-16 CVE-2020-27629 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts.
network
low complexity
jetbrains
5.3
5.3
2020-11-16 CVE-2020-27628 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.1.5, the Guest user had access to audit records.
network
low complexity
jetbrains
4.3
4.3
2020-08-08 CVE-2020-15831 Cross-site Scripting vulnerability in Jetbrains Teamcity
JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI.
network
low complexity
jetbrains CWE-79
6.1
6.1
2020-08-08 CVE-2020-15830 Cross-site Scripting vulnerability in Jetbrains Teamcity
JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the administration UI.
network
low complexity
jetbrains CWE-79
6.1
6.1
2020-08-08 CVE-2020-15829 Information Exposure Through Log Files vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.2.3, password parameters could be disclosed via build logs.
network
low complexity
jetbrains CWE-532
5.3
5.3
2020-08-08 CVE-2020-15828 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.1.1, project parameter values can be retrieved by a user without appropriate permissions.
network
low complexity
jetbrains
6.5
6.5
2020-08-08 CVE-2020-15826 Improper Privilege Management vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have.
network
low complexity
jetbrains CWE-269
4.3
4.3
2020-08-08 CVE-2020-15825 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges.
network
low complexity
jetbrains
8.8
8.8
2020-04-22 CVE-2020-11938 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project.
network
low complexity
jetbrains
4.9
4.9
2020-04-22 CVE-2020-11689 Incorrect Default Permissions vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.2.1, a user without appropriate permissions was able to import settings from the settings.kts file.
network
low complexity
jetbrains CWE-276
6.5
6.5