PT-2019-13945 · Jetbrains · Teamcity
Publicado
2019-09-26
·
Atualizado
2019-10-03
·
CVE-2019-15036
CVSS v2.0
9.0
Alta
| Vetor | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
JetBrains TeamCity versions prior to 2018.2.5
JetBrains TeamCity versions prior to 2019.1
Description
An issue was discovered that allows a TeamCity Project administrator to execute any command on the server machine.
Recommendations
For versions prior to 2018.2.5, update to TeamCity 2018.2.5 or later.
For versions prior to 2019.1, update to TeamCity 2019.1 or later.
Correção
OS Command Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Teamcity