Exploit for Authentication Bypass Using an Alternate Path or Channel...

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

CVE-2024-27198 Lab Description TeamCity provides an admin-only page for token management that is not protected by authentication. This allows an unauthenticated user to generate an access token for the admin user if they can find an ID of an existing...

Visit Original Source

Basic Information

ID 05DFD629-3F18-5D72-86FF-7FAE1B2B58D2

Published May 18, 2026 at 12:49

Modified May 18, 2026 at 12:50

{
    "lastseen": "2026-05-18T12:53:09",
    "description": "CVE-2024-27198 Lab Description TeamCity provides an admin-only page for token management that is not protected by authentication. This allows an unauthenticated user to generate an access token for the admin user if they can find an ID of an existing...",
    "published": "2026-05-18T12:49:39",
    "modified": "2026-05-18T12:50:23",
    "type": "githubexploit",
    "title": "Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity",
    "source": "",
    "references": "",
    "id": "05DFD629-3F18-5D72-86FF-7FAE1B2B58D2",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [
        "CVE-2024-27198"
    ],
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://github.com/cmpnn-romain/CVE-2024-27198_Lab",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity_05DFD629-3F18-5D72-86FF-7FAE1B2B58D2

Description

Basic Information

💭 Join the Security Discussion ❌ Cancel Reply