by vicarius
log in join community
by @jakaba
10 May 2024
#cve_analysis

Write a blog analysis for a CVE

publish

TeamCity Auth bypass to RCE (CVE-2024-27198 and CVE-2024-27199)

by @jakaba
by @jakaba
10 May 2024
#cve_analysis

Write a blog analysis for a CVE

publish

TeamCity Auth bypass to RCE (CVE-2024-27198 and CVE-2024-27199)

CVEs

CVE-2024-27198
9.8 Critical Severity

Apps

Teamcity
TeamcityJetbrains
2023.11.4.*
2024.03.*
2023.11.2.*
2023.11.3.*
2023.11.1.*
2023.05.4.*
2023.05.*
2023.11.*
2022.10.2.*
2022.10.4.*

Screenshots from the blog posts

images/clvywtu5c5t931jn95ao62ur7.jpgimages/clvywtu5c5t931jn95ao62ur7.jpg

Summary

JetBrains TeamCity has been impacted by two critical vulnerabilities, CVE-2024-27198 and CVE-2024-27199, which lead to remote command execution.

Description

Tags

#RCE#exposed_to_RCE_attack#path_traversal#Authentication#trending#TeamCity#JetBrains#auth_bypass
users/photos/clj8b3h1k16g10uoihwvzgsxi.png

@jakaba

74 posts

Total vcoins

64.3K

Social media links

Comments (0)