CVE-2024-56348

MEDIUM LAB

Jetbrains Teamcity < 2024.12 - Incorrect Authorization

Title source: rule

Description

In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents

Exploits (2)

nomisec WORKING POC 1 stars
by joshuavanderpoll · poc
https://github.com/joshuavanderpoll/cve-2024-56348
nomisec WORKING POC
by Msakhana68 · poc
https://github.com/Msakhana68/cve-2024-56348

References (1)

Scores

CVSS v3 4.3
EPSS 0.0000
EPSS Percentile 0.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Lab Environment

COMMUNITY
Community Lab
docker pull eclipse-temurin:11-jre-jammy

Details

CWE
CWE-863
Status published
Products (1)
jetbrains/teamcity < 2024.12
Published Dec 20, 2024
Tracked Since Feb 18, 2026