In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible
https://www.hivepro.com/threat-advisory/jetbrains-teamcity-authentication-bypass-flaw-paving-the-way-for-server-takeover/
https://securityaffairs.com/158790/hacking/jetbrains-teamcity-on-premises-bug.html
https://www.theregister.com/2024/02/07/jetbrains_teamcity_critical_vuln/
https://www.bleepingcomputer.com/news/security/jetbrains-warns-of-new-teamcity-auth-bypass-vulnerability/?&web_view=true
https://www.bleepingcomputer.com/news/security/jetbrains-warns-of-new-teamcity-auth-bypass-vulnerability/
https://www.jetbrains.com/privacy-security/issues-fixed/
Source: Mitre, NVD
Published: 2024-02-06
Updated: 2024-02-09
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Severity: Critical
Base Score: 9.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H