CVE-2024-39878

CVSS 3.1 Score 4.1 of 10 (medium)

Details

Published Jul 1, 2024

Updated: Jul 2, 2024

CWE ID 522

Summary

CVE-2024-39878 is a newly disclosed vulnerability in JetBrains TeamCity that could allow unauthorized access to private keys. Before the release of version 2024.03.3, the software contained a flaw in the handling of GitHub App Connections, potentially exposing private keys during testing. An attacker could exploit this vulnerability to gain access to sensitive information and impersonate the affected TeamCity server. Organizations using TeamCity are encouraged to update to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

TeamCity

Affected Vendors

JetBrains

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wwfeJA
https://www.cve.org/CVERecord?id=CVE-2024-39878
https://nvd.nist.gov/vuln/detail/CVE-2024-39878

Back to Vulnerability Database