CISA Known Exploited Vulnerability (KEV)
JetBrains TeamCity Authentication Bypass Vulnerability
March 7, 2024
March 28, 2024
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Description
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
References
Weakness Enumeration
CWE-ID | CWE Name |
---|---|
CWE-288 |
Authentication Bypass Using an Alternate Path or Channel |