CVE-2024-36376

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published May 29, 2024

CWE ID 863

Summary

CVE-2024-36376 is a newly disclosed vulnerability in JetBrains TeamCity. This issue enables users to execute actions beyond their granted permissions before the version 2024.03.2. As a result, unauthorized actions could be performed, potentially leading to security breaches or data corruption. The exact nature of these actions is not clear, but it is recommended that users upgrade to the latest version to mitigate this risk. The specifics of the exploitation method and the impact of the vulnerability are still under investigation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wF4Dh5
https://www.cve.org/CVERecord?id=CVE-2024-36376
https://nvd.nist.gov/vuln/detail/CVE-2024-36376

Back to Vulnerability Database

CVE-2024-36376

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations