CVE-2024-27198 - JetBrains TeamCity Authentication Bypass Vulnerability

CVE-2024-27198: JetBrains | TeamCity

Date Added:
2024-03-07

Due Date:
2024-03-28

Vulnerability Name: JetBrains TeamCity Authentication Bypass Vulnerability

Description: JetBrains TeamCity contains an authentication bypass vulnerability that allows an attacker to perform admin actions.

Known To Be Used in Ransomware Campaigns?: Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: https://www.jetbrains.com/help/teamcity/teamcity-2023-11-4-release-notes.html; https://nvd.nist.gov/vuln/detail/CVE-2024-27198

Related News Articles

Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida StealerJuly 16, 2024

Hackers use PoC exploits in attacks 22 minutes after releaseJuly 13, 2024

Free security scan for your website

Don't show website scan report rating on the leaderboard