Threat Intelligence / CVE / CVE-2024-27198
CVE-2024-27198
CISA KEVRansomwareIn JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weaknesses (CWE)
CWE-288, NVD-CWE-Other
References
- https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive
- https://www.jetbrains.com/privacy-security/issues-fixed/
- https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive
- https://www.jetbrains.com/privacy-security/issues-fixed/
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-27198
Full detection coverage & IOCs for threats exploiting CVE-2024-27198 are available via the Threadlinqs MCP server (Purple tier). View plans →