CVE-2024-27198
Description
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
Severity: CRITICAL
CVE ID: CVE-2024-27198
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
Nuclei Templates for CVE-2024-27198
Refrence: Project Discovery GitHub
Chocapikk
Proof of Concept for Authentication Bypass in JetBrains TeamCity Pre-2023.11.4
Refrence: GitHub
yoryio
Exploit for CVE-2024-27198 - TeamCity Server
Refrence: GitHub
W01fh4cker
CVE-2024-27198 & CVE-2024-27199 Authentication Bypass --> RCE in JetBrains TeamCity Pre-2023.11.4
Refrence: GitHub
rampantspark
A PoC for CVE-2024-27198 written in golang
Refrence: GitHub
passwa11
Refrence: GitHub
CharonDefalt
Refrence: GitHub
K3ysTr0K3R
A PoC exploit for CVE-2024-27198 - JetBrains TeamCity Authentication Bypass
Refrence: GitHub
Shimon03
Em fevereiro de 2024, foi identificado duas novas vulnerabilidades que afetam o servidor JetBrains TeamCity (CVE-2024-27198 e CVE-2024-27199)
Refrence: GitHub
Stuub
CVE-2024-27198 & CVE-2024-27199 PoC - RCE, Admin Account Creation, Enum Users, Server Information
Refrence: GitHub