Show filters
211 Total Results
Displaying 11-20 of 211
Sort by:
Attacker Value
Unknown

CVE-2024-56356

Disclosure Date: December 20, 2024 (last updated January 07, 2025)
In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE attack
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-56355

Disclosure Date: December 20, 2024 (last updated January 07, 2025)
In JetBrains TeamCity before 2024.12 missing Content-Type header in RemoteBuildLogController response could lead to XSS
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-56354

Disclosure Date: December 20, 2024 (last updated January 07, 2025)
In JetBrains TeamCity before 2024.12 password field value were accessible to users with view settings permission
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-56353

Disclosure Date: December 20, 2024 (last updated January 07, 2025)
In JetBrains TeamCity before 2024.12 backup file exposed user credentials and session cookies
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-56352

Disclosure Date: December 20, 2024 (last updated January 07, 2025)
In JetBrains TeamCity before 2024.12 stored XSS was possible via image name on the agent details page
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-56351

Disclosure Date: December 20, 2024 (last updated January 07, 2025)
In JetBrains TeamCity before 2024.12 access tokens were not revoked after removing user roles
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-56350

Disclosure Date: December 20, 2024 (last updated January 07, 2025)
In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-56349

Disclosure Date: December 20, 2024 (last updated January 07, 2025)
In JetBrains TeamCity before 2024.12 improper access control allowed unauthorized users to modify build logs
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-56348

Disclosure Date: December 20, 2024 (last updated January 07, 2025)
In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-47951

Disclosure Date: October 08, 2024 (last updated October 12, 2024)
In JetBrains TeamCity before 2024.07.3 stored XSS was possible via server global settings
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
View More Topics  < Previous  Next >