Access Control Flaw in JetBrains TeamCity Exposes Build Logs

Summary

CVE-2024-56349 is a significant access control vulnerability identified in JetBrains TeamCity versions prior to 2024.12. This flaw permits unauthorized users to modify build logs, potentially leading to security breaches and manipulation of build information. As this access control failure can enable malicious actors to alter critical build processes and outputs, it poses a serious risk to the integrity and reliability of applications using TeamCity for continuous integration and deployment. It is vital for organizations using affected versions of TeamCity to apply relevant security patches and updates promptly.

References