PT-2024-9845 · Jetbrains · Jetbrains Teamcity+1
Published
2024-12-20
·
Updated
2025-01-02
·
CVE-2024-56348
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
JetBrains TeamCity versions prior to 2024.12
Description:
The issue is related to improper access control in JetBrains TeamCity, which allowed viewing details of unauthorized agents. This could potentially enable a remote attacker to gain access to confidential information.
Recommendations:
For versions prior to 2024.12, update to version 2024.12 or later to resolve the issue. As a temporary workaround, consider restricting access to agent details to minimize the risk of exploitation.
Exploit
Fix
Incorrect Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jetbrains Teamcity
Teamcity