CyberSec.Space Logo
Back to CVE Browser

CVE-2019-18364

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0640%
EPSS Percentile6.78th
PublishedOct 31, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

In JetBrains TeamCity before 2019.1.4, insecure Java Deserialization could potentially allow remote code execution.

Affected Platforms (CPE)

📦
Jetbrains

Teamcity

< 2019.1.4

References & Advisories

🔗 https://blog.jetbrains.com/blog/2019/10/29/jetbrains-security-bulletin-q3-2019/
🔗 https://blog.jetbrains.com/blog/2019/10/29/jetbrains-security-bulletin-q3-2019/

Related Vulnerabilities

CVE-2021-319099.8

In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible.

CVE-2021-432009.8

In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient.

CVE-2019-150399.8

An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possible remote code execution issue. This was fixed in TeamCity ...

CVE-2021-319149.8

In JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible.