Search Results | AttackerKB

Show filters

Topics 456 Users 9,714

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

456 Total Results

Displaying 141-150 of 456

Attacker Value

Unknown

CVE-2023-34228

Disclosure Date: May 31, 2023 (last updated October 08, 2023)

In JetBrains TeamCity before 2023.05 authentication checks were missing – 2FA was not checked for some sensitive account actions

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2023-34227

Disclosure Date: May 31, 2023 (last updated October 08, 2023)

In JetBrains TeamCity before 2023.05 a specific endpoint was vulnerable to brute force attacks

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-34226

Disclosure Date: May 31, 2023 (last updated October 08, 2023)

In JetBrains TeamCity before 2023.05 reflected XSS in the Subscriptions page was possible

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-34225

Disclosure Date: May 31, 2023 (last updated October 08, 2023)

In JetBrains TeamCity before 2023.05 stored XSS in the NuGet feed page was possible

Attack Vector: Network Privileges: Low User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-34224

Disclosure Date: May 31, 2023 (last updated October 08, 2023)

In JetBrains TeamCity before 2023.05 open redirect during oAuth configuration was possible

Attack Vector: Network Privileges: High User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-34223

Disclosure Date: May 31, 2023 (last updated October 08, 2023)

In JetBrains TeamCity before 2023.05 parameters of the "password" type from build dependencies could be logged in some cases

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-34222

Disclosure Date: May 31, 2023 (last updated October 08, 2023)

In JetBrains TeamCity before 2023.05 possible XSS in the Plugin Vendor URL was possible

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-34221

Disclosure Date: May 31, 2023 (last updated October 08, 2023)

In JetBrains TeamCity before 2023.05 stored XSS in the Show Connection page was possible

Attack Vector: Network Privileges: Low User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-34220

Disclosure Date: May 31, 2023 (last updated October 08, 2023)

In JetBrains TeamCity before 2023.05 stored XSS in the Commit Status Publisher window was possible

Attack Vector: Network Privileges: Low User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-34219

Disclosure Date: May 31, 2023 (last updated October 08, 2023)

In JetBrains TeamCity before 2023.05 improper permission checks allowed users without appropriate permissions to edit Build Configuration settings via REST API

Attack Vector: Network Privileges: Low User Interaction: None

0