CVE ID
CVE-2024-27198
Vulnerability Name
JetBrains TeamCity Authentication Bypass Vulnerability
- Project: JetBrains
- Product: TeamCity
Date
- Date Added: 2024-03-07
- Due Date: 2024-03-28
Description
JetBrains TeamCity contains an authentication bypass vulnerability that allows an attacker to perform admin actions.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://www.jetbrains.com/help/teamcity/teamcity-2023-11-4-release-notes.html; https://nvd.nist.gov/vuln/detail/CVE-2024-27198
Related Security News
- China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
- Microsoft links Medusa ransomware affiliate to zero-day attacks
- China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil
- Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer
- Hackers use PoC exploits in attacks 22 minutes after release
Top comments (0)