CyberSec.Space Logo
Back to CVE Browser

CVE-2021-43200

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0340%
EPSS Percentile24.70th
PublishedNov 9, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient.

Affected Platforms (CPE)

📦
Jetbrains

Teamcity

< 2021.2

References & Advisories

🔗 https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/
🔗 https://blog.jetbrains.com/blog/2021/11/08/jetbrains-security-bulletin-q3-2021/

Related Vulnerabilities

CVE-2019-183649.8

In JetBrains TeamCity before 2019.1.4, insecure Java Deserialization could potentially allow remote code execution.

CVE-2021-319099.8

In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible.

CVE-2019-150399.8

An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possible remote code execution issue. This was fixed in TeamCity ...

CVE-2021-319149.8

In JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible.