CVE-2022-25263

Name of the Vulnerable Software and Affected Versions JetBrains TeamCity versions prior to 2021.2.3

Description The issue concerns an OS command injection vulnerability in the Agent Push feature configuration. This vulnerability allows for the execution of arbitrary system commands, potentially leading to unauthorized access or control of the system.

Recommendations For versions prior to 2021.2.3, update to version 2021.2.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the Agent Push feature configuration to minimize the risk of exploitation.