CVE-2024-28173

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Mar 6, 2024

Updated: Dec 16, 2024

CWE ID 201

Summary

CVE-2024-28173 is a vulnerability affecting JetBrains TeamCity between versions 2023.11 and 2023.11.4. This issue allows custom build parameters of the "password" type to be disclosed, potentially exposing sensitive information. Attackers could exploit this vulnerability by gaining unauthorized access to protected data or systems. TeamCity users are strongly advised to upgrade to version 2023.11.4 or later to mitigate this risk. Failure to address this issue may result in data breaches or unintended system access.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

TeamCity

Affected Vendors

JetBrains

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uyDMJi
https://www.cve.org/CVERecord?id=CVE-2024-28173
https://nvd.nist.gov/vuln/detail/CVE-2024-28173

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

Know What Matters

For Customers

For Partners