Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains teamcity vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2022-24341
In JetBrains TeamCity prior to 2021.2.1, editing a user account to change its password didn't terminate sessions of the edited user.
Jetbrains Teamcity
383
VMScore
CVE-2021-37542
In JetBrains TeamCity prior to 2020.2.3, XSS was possible.
Jetbrains Teamcity
NA
CVE-2022-46830
In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning.
Jetbrains Teamcity
NA
CVE-2022-46831
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators.
Jetbrains Teamcity
NA
CVE-2022-44622
In JetBrains TeamCity version between 2021.2 and 2022.10 access permissions for secure token health items were excessive
Jetbrains Teamcity
NA
CVE-2022-44623
In JetBrains TeamCity version prior to 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings
Jetbrains Teamcity
NA
CVE-2022-44624
In JetBrains TeamCity version prior to 2022.10, Password parameters could be exposed in the build log if they contained special characters
Jetbrains Teamcity
NA
CVE-2022-44646
In JetBrains TeamCity version prior to 2022.10, no audit items were added upon editing a user's settings
Jetbrains Teamcity
NA
CVE-2022-48428
In JetBrains TeamCity prior to 2022.10.3 stored XSS on the SSH keys page was possible
Jetbrains Teamcity
NA
CVE-2015-1313
JetBrains TeamCity 8 and 9 prior to 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request.
Jetbrains Teamcity
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »