Vulnerabilities > Jetbrains > Teamcity > High

DATE CVE VULNERABILITY TITLE RISK
2020-04-22 CVE-2020-11688 Insufficient Session Expiration vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.2.1, the application state is kept alive after a user ends his session.
network
low complexity
jetbrains CWE-613
7.5
2020-04-22 CVE-2020-11687 Information Exposure vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.2.2, password values were shown in an unmasked format on several pages.
network
low complexity
jetbrains CWE-200
7.5
2020-01-30 CVE-2020-7909 Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI.
network
low complexity
jetbrains CWE-522
7.5
2019-10-02 CVE-2019-15036 OS Command Injection vulnerability in Jetbrains Teamcity 2018.2.4
An issue was discovered in JetBrains TeamCity 2018.2.4.
network
low complexity
jetbrains CWE-78
7.2
2019-10-01 CVE-2019-15042 Improper Certificate Validation vulnerability in Jetbrains Teamcity 2018.2.4
An issue was discovered in JetBrains TeamCity 2018.2.4.
network
low complexity
jetbrains CWE-295
7.5
2019-10-01 CVE-2019-15038 Unspecified vulnerability in Jetbrains Teamcity 2018.2.4
An issue was discovered in JetBrains TeamCity 2018.2.4.
network
low complexity
jetbrains
7.5
2019-07-03 CVE-2019-12841 Improper Input Validation vulnerability in Jetbrains Teamcity
Incorrect handling of user input in ZIP extraction was detected in JetBrains TeamCity.
network
low complexity
jetbrains CWE-20
7.5