CVE-2024-28174

CVSS 3.1 Score 5.8 of 10 (medium)

Details

Published Mar 6, 2024
CWE ID 863

Summary

CVE-2024-28174 is a vulnerability that affects JetBrains TeamCity versions before 2023.11.4, specifically in the S3 Artifact Storage plugin. The issue stems from improper authorization of presigned URL generation requests. There are numerous products that are affected by this vulnerability, including TeamCity itself and various other related products. The severity of this vulnerability is rated as MEDIUM, with a base score of 5.8 out of 10. To remediate the issue, organizations should update their JetBrains TeamCity installation to version 2023.11.4 or later. The potential danger posed to an organization includes the possibility of unauthorized access to sensitive data stored in the affected systems, as well as potential exploitation by attackers to compromise the integrity of the software or disrupt its availability.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-28174 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options