AttackerKB AKB:272A41FD-6E6B-4BF6-8544-0481382E8B2B
History: Mar 04, 2024 - 12:00 a.m.

CVE-2024-27198

2024-03-04 00:00:00
attackerkb.com
43
jetbrains teamcity
authentication bypass
vulnerability
remote attackers
admin actions

CVSS3: 9.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 7.8
Confidence: Low

EPSS: 0.969
Percentile: 99.8%

In JetBrains TeamCity before 2023.11.4, an authentication bypass allowing an attacker to perform admin actions was possible.

Recent assessments:

sfewer-r7 at March 04, 2024 8:24pm UTC reported:

CVE-2024-27198 allows for a complete compromise of a vulnerable TeamCity server by a remote unauthenticated attacker, including unauthenticated RCE. Compromising a TeamCity server allows an attacker full control over all TeamCity projects, builds, agents and artifacts, and as such is a suitable vector to position an attacker to perform a supply chain attack.

Assessed Attacker Value: 5