Vulnerabilities > Jetbrains > Teamcity > High

DATE CVE VULNERABILITY TITLE RISK
2024-10-08 CVE-2024-47948 Path Traversal vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups
network
low complexity
jetbrains CWE-22
7.5
2024-10-08 CVE-2024-47949 Path Traversal vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.3 path traversal allowed backup file write to arbitrary location
network
low complexity
jetbrains CWE-22
7.5
2024-08-06 CVE-2024-43114 Incorrect Default Permissions vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions
local
low complexity
jetbrains CWE-276
7.8
2024-07-22 CVE-2024-41829 Improper Authentication vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connection
network
low complexity
jetbrains CWE-287
7.5
2023-12-15 CVE-2023-50870 Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible
network
low complexity
jetbrains CWE-352
8.8
2023-07-25 CVE-2023-39173 Incorrect Privilege Assignment vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account access
network
low complexity
jetbrains CWE-266
8.8
2023-07-25 CVE-2023-39174 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.2 a ReDoS attack was possible via integration with issue trackers
network
low complexity
jetbrains
7.5
2023-05-31 CVE-2023-34227 Exposed Dangerous Method or Function vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05 a specific endpoint was vulnerable to brute force attacks
network
low complexity
jetbrains CWE-749
7.5
2022-11-03 CVE-2022-44623 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings
network
low complexity
jetbrains
7.5
2022-11-03 CVE-2022-44624 Information Exposure Through Log Files vulnerability in Jetbrains Teamcity
In JetBrains TeamCity version before 2022.10, Password parameters could be exposed in the build log if they contained special characters
network
low complexity
jetbrains CWE-532
7.5