Vulnerability intelligence
CVE-2024-27198
JetBrains TeamCity Authentication Bypass Vulnerability
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
CVSS Score
9.8
Critical
EPSS — Exploit Probability
93%
Riskier than 100% of all CVEs
Exploitation
Confirmed in the wild
Used in ransomware campaigns
Remediation
unknown
Federal deadline 2024-03-28
CISA required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Deadline for federal agencies: 2024-03-28.
1 article across 1 outlet · first covered Apr 7, 2026 · latest Apr 7, 2026
Associated threat actors
Coverage timeline
-
Storm-1175 Deploys Medusa Ransomware at 'High Velocity'www.darkreading.com · Apr 7, 2026