CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36470
https://notcve.org/view.php?id=CVE-2024-36470
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 authentication bypass was possible in specific edge cases En JetBrains TeamCity antes de 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 la omisión de autenticación era posible en casos extremos específicos • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36378
https://notcve.org/view.php?id=CVE-2024-36378
In JetBrains TeamCity before 2024.03.2 server was susceptible to DoS attacks with incorrect auth tokens En JetBrains TeamCity antes de 2024.03.2, el servidor era susceptible a ataques DoS con tokens de autenticación incorrectos • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36377
https://notcve.org/view.php?id=CVE-2024-36377
In JetBrains TeamCity before 2024.03.2 certain TeamCity API endpoints did not check user permissions En JetBrains TeamCity antes de 2024.03.2, ciertos endpoints de la API de TeamCity no verificaban los permisos de usuario • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-863: Incorrect Authorization •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36376
https://notcve.org/view.php?id=CVE-2024-36376
In JetBrains TeamCity before 2024.03.2 users could perform actions that should not be available to them based on their permissions En JetBrains TeamCity antes de 2024.03.2, los usuarios podían realizar acciones que no deberían estar disponibles para ellos según sus permisos. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-863: Incorrect Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36375
https://notcve.org/view.php?id=CVE-2024-36375
In JetBrains TeamCity before 2024.03.2 technical information regarding TeamCity server could be exposed En JetBrains TeamCity antes de 2024.03.2, la información técnica sobre el servidor TeamCity podría estar expuesta • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-209: Generation of Error Message Containing Sensitive Information •