CVE-2022-46831

CVSS 6.6 MEDIUMEPSS 0.4%CWE-453

In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L

Productos afectados

JetBrains · TeamCity

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.jetbrains.com/privacy-security/issues-fixed/