CyberSec.Space Logo
Back to CVE Browser

CVE-2021-31909

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1960%
EPSS Percentile26.29th
PublishedMay 11, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible.

Affected Platforms (CPE)

πŸ“¦
Jetbrains

Teamcity

< 2020.2.3

References & Advisories

πŸ”— https://blog.jetbrains.com
πŸ”— https://blog.jetbrains.com/blog/2021/05/07/jetbrains-security-bulletin-q1-2021/
πŸ”— https://blog.jetbrains.com
πŸ”— https://blog.jetbrains.com/blog/2021/05/07/jetbrains-security-bulletin-q1-2021/

Related Vulnerabilities

CVE-2019-183649.8

In JetBrains TeamCity before 2019.1.4, insecure Java Deserialization could potentially allow remote code execution.

CVE-2021-432009.8

In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient.

CVE-2019-150399.8

An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possible remote code execution issue. This was fixed in TeamCity ...

CVE-2021-319149.8

In JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible.