TeamCity Authentication Bypass (CVE-2024-27199) - Vulnerability Database

TeamCity Authentication Bypass (CVE-2024-27199)

Description

The TeamCity has an authentication bypass vulnerability. An attacker can bypass the authentication with a specially crafted HTTP request and get access to some admin endpoints of the system.

Remediation

Upgrade to the latest version of TeamCity

References

CVE-2024-27199 Detail

CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED)

Related Vulnerabilities

Severity

High

Classification

CVE-2024-27199

CWE-288

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L