CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39879
https://notcve.org/view.php?id=CVE-2024-39879
In JetBrains TeamCity before 2024.03.3 application token could be exposed in EC2 Cloud Profile settings En JetBrains TeamCity antes de 2024.03.3, el token de aplicación podía exponerse en la configuración del perfil de nube EC2 • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-522: Insufficiently Protected Credentials •
CVSS: 4.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39878
https://notcve.org/view.php?id=CVE-2024-39878
In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App Connection En JetBrains TeamCity antes de 2024.03.3, la clave privada podía exponerse mediante la prueba de conexión de la aplicación GitHub • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-522: Insufficiently Protected Credentials •
CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36470
https://notcve.org/view.php?id=CVE-2024-36470
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 authentication bypass was possible in specific edge cases En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 la omisión de autenticación era posible en casos extremos específicos • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36378
https://notcve.org/view.php?id=CVE-2024-36378
In JetBrains TeamCity before 2024.03.2 server was susceptible to DoS attacks with incorrect auth tokens En JetBrains TeamCity antes de 2024.03.2, el servidor era susceptible a ataques DoS con tokens de autenticación incorrectos • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36377
https://notcve.org/view.php?id=CVE-2024-36377
In JetBrains TeamCity before 2024.03.2 certain TeamCity API endpoints did not check user permissions En JetBrains TeamCity antes de 2024.03.2, ciertos endpoints de la API de TeamCity no verificaban los permisos de usuario • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-863: Incorrect Authorization •