PT-2022-27268 · Jetbrains · Teamcity
Published
2022-11-03
·
Updated
2022-11-03
·
CVE-2022-44624
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
JetBrains TeamCity versions prior to 2022.10
Description
The issue concerns the exposure of password parameters in the build log when these parameters contain special characters.
Recommendations
For versions prior to 2022.10, consider updating to version 2022.10 or later to resolve the issue. As a temporary workaround, avoid using special characters in password parameters to minimize the risk of exposure. Restrict access to the build log to prevent unauthorized viewing of potentially exposed passwords.
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Teamcity