CVE-2020-35667
https://notcve.org/view.php?id=CVE-2020-35667
JetBrains TeamCity Plugin before 2020.2.85695 SSRF. Vulnerability that could potentially expose user credentials. JetBrains TeamCity Plugin versiones anteriores a 2020.2.85695. Una vulnerabilidad de tipo SSRF que potencialmente podría exponer unas credenciales del usuario • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020 • CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2021-25777
https://notcve.org/view.php?id=CVE-2021-25777
In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly. En JetBrains TeamCity versiones anteriores a 2020.2.1, los permisos durante la eliminación del token fueron comprobados inapropiadamente • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020 • CWE-863: Incorrect Authorization •
CVE-2021-25778
https://notcve.org/view.php?id=CVE-2021-25778
In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly. En JetBrains TeamCity versiones anteriores a 2020.2.1, los permisos durante la eliminación del usuario fueron comprobados inapropiadamente • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020 •
CVE-2021-25775
https://notcve.org/view.php?id=CVE-2021-25775
In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users. En JetBrains TeamCity versiones anteriores a 2020.2.1, el administrador del servidor podía crear y visualizar tokens de acceso para cualquier otro usuario • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020 •
CVE-2021-25774
https://notcve.org/view.php?id=CVE-2021-25774
In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user. En JetBrains TeamCity versiones anteriores a 2020.2.1, un usuario podía conseguir acceso a un token de acceso de GitHub de otro usuario • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020 • CWE-863: Incorrect Authorization •