CVSS: 6.3EPSS: %CPEs: 1EXPL: 0CVE-2024-56351
https://notcve.org/view.php?id=CVE-2024-56351
In JetBrains TeamCity before 2024.12 access tokens were not revoked after removing user roles • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-613: Insufficient Session Expiration •
CVSS: 4.3EPSS: %CPEs: 1EXPL: 0CVE-2024-56350
https://notcve.org/view.php?id=CVE-2024-56350
In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-863: Incorrect Authorization •
CVSS: 5.3EPSS: %CPEs: 1EXPL: 0CVE-2024-56349
https://notcve.org/view.php?id=CVE-2024-56349
In JetBrains TeamCity before 2024.12 improper access control allowed unauthorized users to modify build logs • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-862: Missing Authorization •
CVSS: 4.3EPSS: %CPEs: 1EXPL: 0CVE-2024-56348
https://notcve.org/view.php?id=CVE-2024-56348
In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-863: Incorrect Authorization •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47951
https://notcve.org/view.php?id=CVE-2024-47951
In JetBrains TeamCity before 2024.07.3 stored XSS was possible via server global settings • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •