Exploit for Authentication Bypass Using an Alternate Path or Channel...

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

CVE-2024-27198 Lab Description TeamCity provides an admin-only page for token management that is not protected by authentication. This allows an unauthenticated user to generate an access token for the admin user if they can find an ID of an existing...

Visit Original Source

Basic Information

ID D6B398F7-FE57-54AC-9E26-6CF71F1FCAB0

Published May 18, 2026 at 18:11

Modified May 18, 2026 at 18:14

{
    "lastseen": "2026-05-18T18:15:48",
    "description": "CVE-2024-27198 Lab Description TeamCity provides an admin-only page for token management that is not protected by authentication. This allows an unauthenticated user to generate an access token for the admin user if they can find an ID of an existing...",
    "published": "2026-05-18T18:11:23",
    "modified": "2026-05-18T18:14:29",
    "type": "githubexploit",
    "title": "Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity",
    "source": "",
    "references": "",
    "id": "D6B398F7-FE57-54AC-9E26-6CF71F1FCAB0",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [
        "CVE-2024-27198"
    ],
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://github.com/Ne0zer01/CVE-2024-27198_LAB",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity_D6B398F7-FE57-54AC-9E26-6CF71F1FCAB0

Description

Basic Information

💭 Join the Security Discussion ❌ Cancel Reply