exploitDog

CVE-2015-1313

Опубликовано: 29 июн. 2023

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request.

Ссылки

https://beyondbinary.io/articles/teamcity-account-creation/
Exploit
Third Party Advisory
https://www.jetbrains.com/teamcity/download/
Product
https://beyondbinary.io/articles/teamcity-account-creation/
Exploit
Third Party Advisory
https://www.jetbrains.com/teamcity/download/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*

Версия от 8.0 (включая) до 9.0.2 (исключая)

EPSS

Процентиль: 0%

0.00002

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-425

Связанные уязвимости

GHSA-qjwq-qh5c-p96w

CVSS3: 6.5

github

больше 2 лет назад

JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request.

EPSS

Процентиль: 0%

0.00002

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-425