CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36378
https://notcve.org/view.php?id=CVE-2024-36378
In JetBrains TeamCity before 2024.03.2 server was susceptible to DoS attacks with incorrect auth tokens En JetBrains TeamCity antes de 2024.03.2, el servidor era susceptible a ataques DoS con tokens de autenticación incorrectos • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36377
https://notcve.org/view.php?id=CVE-2024-36377
In JetBrains TeamCity before 2024.03.2 certain TeamCity API endpoints did not check user permissions En JetBrains TeamCity antes de 2024.03.2, ciertos endpoints de la API de TeamCity no verificaban los permisos de usuario • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-863: Incorrect Authorization •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36376
https://notcve.org/view.php?id=CVE-2024-36376
In JetBrains TeamCity before 2024.03.2 users could perform actions that should not be available to them based on their permissions En JetBrains TeamCity antes de 2024.03.2, los usuarios podían realizar acciones que no deberían estar disponibles para ellos según sus permisos. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-863: Incorrect Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36375
https://notcve.org/view.php?id=CVE-2024-36375
In JetBrains TeamCity before 2024.03.2 technical information regarding TeamCity server could be exposed En JetBrains TeamCity antes de 2024.03.2, la información técnica sobre el servidor TeamCity podría estar expuesta • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36374
https://notcve.org/view.php?id=CVE-2024-36374
In JetBrains TeamCity before 2024.03.2 stored XSS via build step settings was possible En JetBrains TeamCity antes de 2024.03.2 era posible XSS almacenado a través de la configuración de pasos de compilación • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •