Vulnerabilities > Jetbrains > Teamcity > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-11 CVE-2021-31913 Improper Validation of Integrity Check Value vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during GitHub SSO token exchange.
network
low complexity
jetbrains CWE-354
7.5
7.5
2021-05-11 CVE-2021-26310 Unspecified vulnerability in Jetbrains Teamcity
In the TeamCity IntelliJ plugin before 2020.2.2.85899, DoS was possible.
network
low complexity
jetbrains
7.5
7.5
2021-02-03 CVE-2021-25776 Insecure Storage of Sensitive Information vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters.
network
low complexity
jetbrains CWE-922
7.5
7.5
2021-02-03 CVE-2020-35667 Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Teamcity
JetBrains TeamCity Plugin before 2020.2.85695 SSRF.
network
low complexity
jetbrains CWE-918
7.5
7.5
2020-08-08 CVE-2020-15825 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges.
network
low complexity
jetbrains
8.8
8.8
2020-04-22 CVE-2020-11688 Insufficient Session Expiration vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.2.1, the application state is kept alive after a user ends his session.
network
low complexity
jetbrains CWE-613
7.5
7.5
2020-04-22 CVE-2020-11687 Information Exposure vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.2.2, password values were shown in an unmasked format on several pages.
network
low complexity
jetbrains CWE-200
7.5
7.5
2020-01-30 CVE-2020-7909 Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI.
network
low complexity
jetbrains CWE-522
7.5
7.5
2019-10-02 CVE-2019-15036 OS Command Injection vulnerability in Jetbrains Teamcity 2018.2.4
An issue was discovered in JetBrains TeamCity 2018.2.4.
network
low complexity
jetbrains CWE-78
7.2
7.2
2019-10-01 CVE-2019-15042 Improper Certificate Validation vulnerability in Jetbrains Teamcity 2018.2.4
An issue was discovered in JetBrains TeamCity 2018.2.4.
network
low complexity
jetbrains CWE-295
7.5
7.5