CVE-2024-27199
Published Mar 4, 2024
Last updated 2 months ago
AI description
CVE-2024-27199 is an authentication bypass vulnerability impacting JetBrains TeamCity servers. This flaw, identified as a path traversal issue (CWE-22), allows remote attackers to circumvent authentication mechanisms by sending specially crafted HTTP requests. This enables unauthorized access to administrative endpoints without valid credentials. The vulnerability affects JetBrains TeamCity versions prior to 2023.11.4. Exploitation of CVE-2024-27199 could lead to limited administrative actions, information leakage, or unauthorized system modifications.
- Description
- In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
- Source
- cve@jetbrains.com
- NVD status
- Analyzed
- Products
- teamcity
CVSS 3.1
- Type
- Primary
- Base score
- 7.3
- Impact score
- 3.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
- Severity
- HIGH
- Hype score
- Not currently trending
00:00 UTC: CVE-2024-27199 disclosed. CISA: CVE-2024-27199 added to Known Exploited Vulnerabilities — JetBrains TeamCity What happened CISA added CVE-2024-27199 (JetBrains TeamCity) to the Known Exploited Vulnerabilities (KEV) catalog, signaling confirmed in-the-wild…
@lyrie_ai
4 May 2026
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CISA added CVE-2024-27199 to KEV: path traversal in JetBrains TeamCity lets unauth attackers reach ~40 admin endpoints. Flagged for known ransomware use. Patched in TeamCity 2023.11.4 — if yours is internet-facing, today. https://t.co/QktKK9mewL
@TechTranslators
25 Apr 2026
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
米国サイバーセキュリティ・社会基盤安全保障庁(CISA)の既知の悪用された脆弱性カタログが更新。4件についてランサムウェアによる悪用を確認。対象はPaperCut NG/MFのCVE-2023-27351、TeamCityのCVE-2024-27199、Exchange Sevr
@__kokumoto
21 Apr 2026
1024 Impressions
0 Retweets
2 Likes
1 Bookmark
1 Reply
1 Quote
CISAが既知の悪用された脆弱性8件をカタログに追加 https://t.co/pNkjqAkOwD CVE-2023-27351 PaperCut NG/MF 認証エラーの脆弱性 CVE-2024-27199 JetBrains TeamCity 相対パストラバーサル脆弱性 CVE-2025-2749 Kentico Xperienceのパストラバー
@cybersecnews_jp
21 Apr 2026
136 Impressions
0 Retweets
0 Likes
0 Bookmarks
2 Replies
0 Quotes
Warning: Patch traversal vulnerability in #JetBrains TeamCity. #CVE-2024-27199 CVSS: 7.3. This older vulnerability was recently added to the #CISA #Kev catalogue. #Active exploitation is confirmed. https://t.co/XzmReSoRA2 #Patch #Patch #Patch
@CCBalert
21 Apr 2026
164 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-27199: Active exploitation of JetBrains TeamCity path traversal. Affected: TeamCity CI/CD servers before version 2023.11.4. Risk: Unauthenticated attackers can perform admin actions, threatening software supply chains. Actions: Patch immediately to 2023.11.4+, monitor
@RedHornet_Intel
21 Apr 2026
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2024-27199 #JetBrains #TeamCity Relative Path Traversal Vulnerability https://t.co/P6l7MTJOA6
@ScyScan
21 Apr 2026
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISAが既知の悪用された脆弱性8件をカタログに追加 CISA Adds Eight Known Exploited Vulnerabilities to Catalog #CISA (Apr 20) CVE-2023-27351 PaperCut NG/MF 認証エラーの脆弱性 CVE-2024-27199 JetBrains TeamCity 相対パストラバーサル脆弱性 C
@foxbook
21 Apr 2026
376 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CISA just added 8 vulnerabilities to Known Exploited Catalog. Active exploitation confirmed. CVE-2025-48700 (Zimbra XSS), CVE-2025-32975 (Quest KACE), CVE-2024-27199 (JetBrains TeamCity). If you're running these, you're already compromised. #Cybersecurity #CISA
@battista212
20 Apr 2026
185 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🛡️ CVE-2024-27199: Vulnerabilidad de Path Traversal en JetBrains TeamCity Explotada Análisis técnico de CVE-2024-27199, una falla de path traversal en TeamCity que permite acciones admin limitadas. Impacto, mitigaciones y recomendaciones de CIS https://t.co/RroxMCSpfH
@CiberPlanetaOrg
20 Apr 2026
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 BREAKING: CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including CVE-2023-27351 and CVE-2024-27199, due to active exploitation. Stay vigilant and update systems promptly. #NerdieNews #CyberSecurity #BreakingNews #InfoSec #Cisco htt
@NewsNerdie
20 Apr 2026
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Alerta de Seguridad: Vulnerabilidad de Recorrido de Ruta Relativa en JetBrains TeamCity (CVE-2024-27199) La vulnerabilidad CVE-2024-27199 en JetBrains TeamCity permite recorrido de ruta relativa (CWE-23), habilitando acciones administrativas limitadas. Severidad alta (CVS
@CiberPlanetaOrg
20 Apr 2026
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Alert Background: Some of the key vulnerabilities they have exploited include CVE-2017-9805 (Apache Struts), CVE-2021-22205 (GitLab), CVE-2024-9047 (WordPress), CVE-2024-27198 and CVE-2024-27199 (TeamCity), CVE-2024-51378 and CVE-2024-51567 (CyberPanel) https://t.co/dSfmGWyicJ
@KootekSecurity
31 May 2025
82 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-27199 TeamCity server CVE makes it easy to create an unauthorized admin account bypassing 403 errors on a domain. GitHub: https://t.co/IBjaAWENhY usage: python https://t.co/40BHKw9KSn -t https://t.co/5Xi4OMZNbL --verbose #teamcity https://t.co/c9tZ86CeJ9
@CyberPentestLab
23 Apr 2025
49 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66B25AF5-F103-4A5C-8A39-901357131404",
"versionEndExcluding": "2023.11.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]