CVE-2022-24333

Name of the Vulnerable Software and Affected Versions JetBrains TeamCity versions prior to 2021.2

Description The issue allows for blind Server-Side Request Forgery (SSRF) via an XML-RPC call. This means an attacker could potentially force the server to make requests to arbitrary destinations, which could lead to internal network scanning or accessing services not intended for public exposure.

Recommendations For versions prior to 2021.2, update to version 2021.2 or later to resolve the issue. As a temporary workaround, consider restricting access to XML-RPC calls until a patch is applied.