What the vulnerability does
01Description
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent
CVSS base score
6.8/10
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Key dates
02Disclosure timeline
May 29, 2024
CVE published
August 2, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-41436 Unauthorized access to archived channel content via threads interface
CVE-2026-45009 phpMyFAQ - Insufficient Authorization Check in Admin API Endpoints
CVE-2025-0580 Shiprocket Module REST API Module rest_api authorization
CVE-2025-31331 Authorization Bypass vulnerability in SAP NetWeaver
CVE-2025-0765 Incorrect Authorization in GitLab
