What the vulnerability does
01Description
In JetBrains TeamCity before 2024.03.2 users could perform actions that should not be available to them based on their permissions
CVSS base score
6.5/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Key dates
02Disclosure timeline
May 29, 2024
CVE published
August 2, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2022-0866
CVE-2025-6018 Pam-config: lpe from unprivileged to allow_active in pam
CVE-2026-42096 Broken Access Control in Sparx Pro Cloud Server
CVE-2020-11844 Incorrect Authorization vulnerability in the Micro Focus Container Deployment Foundation affecting multiple products.
CVE-2026-26316 OpenClaw has BlueBubbles webhook auth bypass via loopback proxy trust
