CVE-2024-47949

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Oct 8, 2024
Updated: Oct 11, 2024
CWE ID 23
CWE ID 22

Summary

CVE-2024-47949 is a vulnerability affecting JetBrains TeamCity prior to version 2024.07.3, which permits path traversal that allows backup files to be written to arbitrary locations. This vulnerability has a medium severity rating with a CVSS score of 4.9, requiring high privileges for exploitation and posing a significant integrity impact on affected systems. Organizations using the compromised versions of TeamCity should promptly update to the latest version to mitigate this risk and prevent unauthorized file access or modifications. The attack vector is classified as network-based, and no user interaction is needed for exploitation. The lack of confidentiality impact suggests that sensitive data may not be at risk, but the potential for integrity breaches remains a concern for affected organizations.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share