CVE-2024-41829

Name of the Vulnerable Software and Affected Versions JetBrains TeamCity versions prior to 2024.07

Description The issue is related to a configuration vulnerability in the JetBrains Space module Project Settings | Connections of the CI/CD system JetBrains TeamCity, which is connected to weaknesses in the authentication procedure. This could allow a remote attacker to gain unauthorized access to protected information. The vulnerability can be exploited via the Space Application connection, potentially allowing an attacker to steal an OAuth code for JetBrains Space.

Recommendations For versions prior to 2024.07, update to version 2024.07 or later to resolve the issue. As a temporary workaround, consider restricting access to the Space Application connection to minimize the risk of exploitation.