What the vulnerability does
01Description
In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed
CVSS base score
4.3/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Key dates
02Disclosure timeline
February 6, 2024
CVE published
August 1, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-11521 Mohammed-eid35 bank-management-system-springboot Transaction Endpoint TransactionController.java improper authorization
CVE-2025-11174 Document Library Lite <= 1.1.6 - Missing Authorization to Sensitive Information Exposure
CVE-2018-9867
CVE-2024-27937 glpi Users emails enumeration
CVE-2026-33146 Docmost's Public Share Search Exposes Metadata of Restricted Children
