CVE-2024-29880

CVSS 3.1 Score 4.2 of 10 (medium)

Details

Published Mar 21, 2024
CWE ID 749

Summary

CVE-2024-29880 is a newly disclosed vulnerability affecting JetBrains TeamCity versions prior to 2023.11. This issue grants users with access to the agent machine the ability to obtain elevated permissions, specifically those of the user running the agent process. The implications of this vulnerability are significant, as it could potentially allow unauthorized users to gain administrative access to the TeamCity server and execute malicious commands. To mitigate this risk, it is strongly recommended that users upgrade to the latest version of TeamCity as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share