Detections
Analytics
CVE-2024-27198
critical
Description
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
From the Tenable Blog
CVE-2024-27198, CVE-2024-27199: Two Authentication Bypass Vulnerabilities in JetBrains TeamCity
Published: 2024-03-06
Two vulnerabilities with publicly available exploit code in JetBrains TeamCity on-premises software could result in attackers bypassing authentication and achieving code execution.
References
https://cybelangel.com/blog/qilin-ransomware-tactics-attack/
https://thehackernews.com/2025/05/china-linked-hackers-exploit-sap-and.html
https://www.securityweek.com/chinese-hacking-group-earth-lamia-targets-multiple-industries/
https://www.trendmicro.com/en_us/research/25/e/earth-lamia.html
https://securelist.com/vulnerability-report-q1-2024/112554/
https://thehackernews.com/2024/03/bianlian-threat-actors-exploiting.html
https://www.guidepointsecurity.com/blog/bianlian-gos-for-powershell-after-teamcity-exploitation/
https://www.theregister.com/2024/03/07/teamcity_exploits_lead_to_ransomware/
Details
Published: 2024-03-04
Updated: 2025-10-24
Known Exploited Vulnerability (KEV)
Risk Information
CVSS v2
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Severity: Critical
CVSS v3
Base Score: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: Critical
EPSS
EPSS: 0.93047
Vulnerability Watch
Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.
Vulnerability of Interest