Authentication Bypass Vulnerability in JetBrains TeamCity
CVE-2024-36470
8.1HIGH
Summary
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 authentication bypass was possible in specific edge cases
Affected Version(s)
TeamCity < 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5
CVSS V3.1
Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database