Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
teamcity vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-43200
In JetBrains TeamCity prior to 2021.1.2, permission checks in the Agent Push functionality were insufficient.
Jetbrains Teamcity
9.8
CVSSv3
CVE-2021-43202
In JetBrains TeamCity prior to 2021.1.3, the X-Frame-Options header is missing in some cases.
Jetbrains Teamcity
7.5
CVSSv3
CVE-2022-44623
In JetBrains TeamCity version prior to 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings
Jetbrains Teamcity
7.5
CVSSv3
CVE-2022-44624
In JetBrains TeamCity version prior to 2022.10, Password parameters could be exposed in the build log if they contained special characters
Jetbrains Teamcity
6.5
CVSSv3
CVE-2020-15828
In JetBrains TeamCity prior to 2020.1.1, project parameter values can be retrieved by a user without appropriate permissions.
Jetbrains Teamcity
6.1
CVSSv3
CVE-2020-15831
JetBrains TeamCity prior to 2019.2.3 is vulnerable to reflected XSS in the administration UI.
Jetbrains Teamcity
2.7
CVSSv3
CVE-2020-11686
In JetBrains TeamCity prior to 2019.1.4, a project administrator was able to retrieve some TeamCity server settings.
Jetbrains Teamcity
7.5
CVSSv3
CVE-2020-11687
In JetBrains TeamCity prior to 2019.2.2, password values were shown in an unmasked format on several pages.
Jetbrains Teamcity
7.5
CVSSv3
CVE-2020-11688
In JetBrains TeamCity prior to 2019.2.1, the application state is kept alive after a user ends his session.
Jetbrains Teamcity
6.5
CVSSv3
CVE-2015-1313
JetBrains TeamCity 8 and 9 prior to 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request.
Jetbrains Teamcity
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »