Vulnerabilities > Jetbrains > Teamcity > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-07-22 CVE-2024-41827 Insufficient Session Expiration vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expiration
network
low complexity
jetbrains CWE-613
critical
9.8
2024-05-29 CVE-2024-36470 Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 authentication bypass was possible in specific edge cases
network
low complexity
jetbrains CWE-306
critical
9.8
2024-03-04 CVE-2024-27198 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
network
low complexity
jetbrains
critical
9.8
2024-02-06 CVE-2024-23917 Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible
network
low complexity
jetbrains CWE-306
critical
9.8
2023-09-19 CVE-2023-42793 Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
network
low complexity
jetbrains CWE-306
critical
9.8
2023-05-31 CVE-2023-34218 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05 bypass of permission checks allowing to perform admin actions was possible
network
low complexity
jetbrains
critical
9.8
2023-02-23 CVE-2022-48342 Insecure Default Initialization of Resource vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents.
network
low complexity
jetbrains CWE-1188
critical
9.8
2022-02-25 CVE-2022-25263 OS Command Injection vulnerability in Jetbrains Teamcity
JetBrains TeamCity before 2021.2.3 was vulnerable to OS command injection in the Agent Push feature configuration.
network
low complexity
jetbrains CWE-78
critical
9.8
2022-02-25 CVE-2022-24340 XXE vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2021.2.1, XXE during the parsing of the configuration file was possible.
network
low complexity
jetbrains CWE-611
critical
9.8
2022-02-25 CVE-2022-24331 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2021.1.4, GitLab authentication impersonation was possible.
network
low complexity
jetbrains
critical
9.8