CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15036
https://notcve.org/view.php?id=CVE-2019-15036
An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could execute any command on the server machine. The issue was fixed in TeamCity 2018.2.5 and 2019.1. Se detectó un problema en JetBrains TeamCity versión 2018.2.4. Un administrador de TeamCity Project podría ejecutar cualquier comando en la máquina del servidor. • https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15037
https://notcve.org/view.php?id=CVE-2019-15037
An issue was discovered in JetBrains TeamCity 2018.2.4. It had several XSS vulnerabilities on the settings pages. The issues were fixed in TeamCity 2019.1. Se detectó un problema en JetBrains TeamCity versión 2018.2.4. Presentaba varias vulnerabilidades de tipo XSS en las páginas de configuración. • https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15035
https://notcve.org/view.php?id=CVE-2019-15035
An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could get access to potentially confidential server-level data. The issue was fixed in TeamCity 2018.2.5 and 2019.1. Se descubrió un problema en JetBrains TeamCity versión 2018.2.4. Un administrador de TeamCity Project podría obtener acceso a datos de nivel de servidor potencialmente confidenciales. • https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15042
https://notcve.org/view.php?id=CVE-2019-15042
An issue was discovered in JetBrains TeamCity 2018.2.4. It had no SSL certificate validation for some external https connections. This was fixed in TeamCity 2019.1. Se descubrió un problema en JetBrains TeamCity versión 2018.2.4. No presenta comprobación de certificado SSL para algunas conexiones https externas. • https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15038
https://notcve.org/view.php?id=CVE-2019-15038
An issue was discovered in JetBrains TeamCity 2018.2.4. The TeamCity server was not using some security-related HTTP headers. The issue was fixed in TeamCity 2019.1. Se descubrió un problema en JetBrains TeamCity versión 2018.2.4. El servidor TeamCity no estaba usando algunos encabezados HTTP relacionados con la seguridad. • https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019 •