Lucene search
JetBrainsCVE-2024-36364HistoryMay 29, 2024 - 2:15 p.m.
CVE-2024-36364
2024-05-2914:15:22
CWE-863
JetBrains
web.nvd.nist.gov
27
jetbrains
teamcity
access control
vulnerability
pull requests
commit status publisher
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
9.0%
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible
CNA Affected
[
{
"vendor": "JetBrains",
"product": "TeamCity",
"versions": [
{
"version": "0",
"status": "affected",
"lessThan": "2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]Related
cvelist
cvelist
CVE-2024-36364
2024-05-29 13:28:58
vulnrichment
vulnrichment
CVE-2024-36364
2024-05-29 13:28:58
nvd
nvd
CVE-2024-36364
2024-05-29 14:15:22
nessus
nessus
JetBrains TeamCity Multiple Vulnerabilities
2024-05-31 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
9.0%
Related for CVE-2024-36364