PT-2022-25648 · Jetbrains · Teamcity
Published
2022-09-23
·
Updated
2022-09-26
·
CVE-2022-40979
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
JetBrains TeamCity versions prior to 2022.04.4
Description
The issue concerns the logging of environmental variables of
password type when using a custom Perforce executable. This could potentially expose sensitive information.Recommendations
For versions prior to 2022.04.4, update to version 2022.04.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of custom Perforce executables until the update is applied.
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Teamcity