Threat Intelligence / CVE / CVE-2024-27199
CVE-2024-27199
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Weaknesses (CWE)
CWE-23, CWE-22
Threats tracking this CVE
- Storm-1175 Medusa Ransomware Zero-Day Exploitation Campaign (CVE-2026-23760, CVE-2025-10035) — CRITICAL
References
- https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive
- https://www.jetbrains.com/privacy-security/issues-fixed/
- https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive
- https://www.jetbrains.com/privacy-security/issues-fixed/
- https://github.com/Stuub/RCity-CVE-2024-27198/blob/main/RCity.py
Full detection coverage & IOCs for threats exploiting CVE-2024-27199 are available via the Threadlinqs MCP server (Purple tier). View plans →