Exposures › CVE-2024-27199
JetBrains TeamCity exploited via CVE-2024-27199 enables limited admin actions, posing a supply-chain risk for DIB organizations using the service.
This relative path traversal vulnerability allows limited administrative actions to be performed, potentially compromising build integrity and access controls. DIB organizations must immediately audit TeamCity configurations and apply patches to prevent unauthorized admin actions that could lead to data exfiltration or ransomware entry.
Shame score — A critical, actively exploited vulnerability in a widely used build tool that allows limited admin actions, though not full remote code execution.
JetBrains TeamCity contains a relative path traversal vulnerability that could allow limited admin actions to be performed.
No correlated FedRAMP products.