CVE-2024-27199

HIGH

In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible

CVSS v3.1 Score

7.3
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector
NETWORK
Complexity
LOW
Privileges
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW
Published: 3/4/2024Modified: 4/21/2026

Related Intelligence (0)

No articles currently reference this CVE.

References (6)

https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrivePress/Media Coveragehttps://www.jetbrains.com/privacy-security/issues-fixed/Vendor Advisoryhttps://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrivePress/Media Coveragehttps://www.jetbrains.com/privacy-security/issues-fixed/Vendor Advisoryhttps://github.com/Stuub/RCity-CVE-2024-27198/blob/main/RCity.pyExploithttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-27199US Government Resource