CVE-2024-28173

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Mar 6, 2024

CWE ID 201

Summary

CVE-2024-28173 is a vulnerability affecting JetBrains TeamCity between versions 2023.11 and 2023.11.4. This issue allows custom build parameters of the "password" type to be disclosed, potentially exposing sensitive authentication information. Attackers could exploit this vulnerability by gaining unauthorized access to protected systems or data. TeamCity users are strongly urged to upgrade to the patched version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

TeamCity

Affected Vendors

JetBrains

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uyDMJi
https://www.cve.org/CVERecord?id=CVE-2024-28173
https://nvd.nist.gov/vuln/detail/CVE-2024-28173

Back to Vulnerability Database