CVE-2024-41827 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-41827

CWE

https://cwe.mitre.org/data/definitions/613.html

In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expiration

Weakness

According to WASC, “Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization.”

Affected Software

Name	Vendor	Start Version	End Version
Teamcity	Jetbrains	*	2024.07 (excluding)

Potential Mitigations

References

https://www.jetbrains.com/privacy-security/issues-fixed/
https://www.jetbrains.com/privacy-security/issues-fixed/