Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
Vulnerability Type
不安全的缺省变量初始化
Vulnerability Title
JetBrains TeamCity 安全漏洞
Vulnerability Description
JetBrains TeamCity是捷克JetBrains公司的一套分布式构建管理和持续集成工具。该工具提供持续单元测试、代码质量分析和构建问题分析报告等功能。 JetBrains TeamCity 2022.10至2022.10.1版本存在安全漏洞,该漏洞源于使用默认凭证提供程序链连接到AWS,允许项目管理员访问通常仅限于系统管理员访问的AWS资源。
CVSS Information
N/A
Vulnerability Type
N/A