In JetBrains TeamCity before 2021.2.3, environment variables of the "password" type could be logged in some cases.
Threat-Mapped Scoring
Score: 3.0
Priority: P2 - Serious (High)
-
S1 – Steal Customer Account Information
EPSS
Score: 3e-05
Percentile:
0.00127
CVSS Scoring
CVSS v3.1 Score: 7.5
Severity: HIGH
Mapped CWE(s)
-
CWE-922
: Insecure Storage of Sensitive Information
Affected Products
- cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*
← Back to Home