CVE-2024-27199
Severity CVSS v4.0:
Pending analysis
Type:
CWE-23
Relative Path Traversal
Publication date:
04/03/2024
Last modified:
21/04/2026
Description
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
Impact
Base Score 3.x
7.30
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:* | 2023.11.4 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive
- https://www.jetbrains.com/privacy-security/issues-fixed/
- https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive
- https://www.jetbrains.com/privacy-security/issues-fixed/
- https://github.com/Stuub/RCity-CVE-2024-27198/blob/main/RCity.py
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-27199