{"vulnerability": "CVE-2024-4182", "sightings": [{"uuid": "7f381e02-bb48-4650-bccd-a75037f1cd8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41824", "type": "seen", "source": "https://t.me/cvedetector/1454", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41824 - JetBrains TeamCity Password Leakage Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41824 \nPublished : July 22, 2024, 3:15 p.m. | 34\u00a0minutes ago \nDescription : In JetBrains TeamCity before 2024.07 parameters of the \"password\" type could leak into the build log in some specific cases \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-22T17:49:57.000000Z"}, {"uuid": "d264324c-e92d-4302-89bd-34442f9b0674", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41820", "type": "seen", "source": "https://t.me/cvedetector/2491", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41820 - Kubean Cluster Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41820 \nPublished : Aug. 5, 2024, 8:15 p.m. | 38\u00a0minutes ago \nDescription : Kubean is a cluster lifecycle management toolchain based on kubespray and other cluster LCM engine. The ClusterRole has `*` verbs of `*` resources. If a malicious user can access the worker node which has kubean's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster, resulting in a cluster-level privilege escalation. This issue has been addressed in release version 0.18.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 6.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-05T23:06:45.000000Z"}, {"uuid": "19be50ec-5c4d-4628-a36b-98cdaf52e3df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41825", "type": "seen", "source": "https://t.me/cvedetector/1453", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41825 - JetBrains TeamCity Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41825 \nPublished : July 22, 2024, 3:15 p.m. | 34\u00a0minutes ago \nDescription : In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab \nSeverity: 4.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-22T17:49:53.000000Z"}, {"uuid": "eeee03ee-ccca-4360-9117-578b481731d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41826", "type": "seen", "source": "https://t.me/cvedetector/1452", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41826 - JetBrains TeamCity Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41826 \nPublished : July 22, 2024, 3:15 p.m. | 34\u00a0minutes ago \nDescription : In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-22T17:49:52.000000Z"}, {"uuid": "191e959a-3ee5-4318-9cb1-256d7ca703f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41827", "type": "seen", "source": "https://t.me/cvedetector/1451", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41827 - JetBrains TeamCity Access Token Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-41827 \nPublished : July 22, 2024, 3:15 p.m. | 34\u00a0minutes ago \nDescription : In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expiration \nSeverity: 7.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-22T17:49:51.000000Z"}, {"uuid": "61783356-30b9-4a42-889c-53761ae45d22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41828", "type": "seen", "source": "https://t.me/cvedetector/1450", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41828 - JetBrains TeamCity Token Validation Timing Attack\", \n  \"Content\": \"CVE ID : CVE-2024-41828 \nPublished : July 22, 2024, 3:15 p.m. | 34\u00a0minutes ago \nDescription : In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time \nSeverity: 2.6 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-22T17:49:50.000000Z"}, {"uuid": "c26c3f1b-e0cb-4942-9393-ac93f05c69f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41829", "type": "seen", "source": "https://t.me/cvedetector/1449", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41829 - JetBrains TeamCity OAuth Code Stealing Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41829 \nPublished : July 22, 2024, 3:15 p.m. | 34\u00a0minutes ago \nDescription : In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connection \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-22T17:49:49.000000Z"}, {"uuid": "001ce7b1-897a-45ce-ae38-4cb64b4cd755", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41827", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/7327", "content": "\u200aCVE-2024-41827: Expired Tokens Still Active in JetBrains TeamCity, Urgent Update Required\n\nhttps://securityonline.info/cve-2024-41827-expired-tokens-still-active-in-jetbrains-teamcity-urgent-update-required/", "creation_timestamp": "2024-07-25T09:37:53.000000Z"}]}