EDB-52411
webappsmultiple
JetBrains TeamCity 2023.11.4 - Authentication Bypass
CVE-2024-27198
İbrahimsql8/11/2025
CVE-2024-27198
9.8CRITICALIn JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
Veröffentlicht: 3/4/2024Aktualisiert: 10/24/2025
CISA Bekannte Ausgenutzte Schwachstelle
JetBrains TeamCity contains an authentication bypass vulnerability that allows an attacker to perform admin actions.
Erforderliche Maßnahme:
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Fälligkeitsdatum:
2024-03-28
Bekannte Ransomware-Nutzung
Beschreibung
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
KI-AnalyseKI-gestützt
Betroffene Produkte
jetbrainsteamcity
Verfügbare Exploits (1)
Referenzen
- https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrivePress/Media CoverageThird Party Advisory
- https://www.jetbrains.com/privacy-security/issues-fixed/Vendor Advisory
- https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrivePress/Media CoverageThird Party Advisory
- https://www.jetbrains.com/privacy-security/issues-fixed/Vendor Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-27198US Government Resource