[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-27199":6},{"stargazers_count":4,"fetched_at":5},5,"2026-04-21T11:17:02.443Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":51,"aliases":61,"duplicate_of":9,"upstream":62,"downstream":63,"duplicates":64,"related":65,"reserved_at":9,"published_at":66,"modified_at":67,"state":68,"summary":69,"references_raw":79,"kevs":101,"epss":112,"epss_history":114,"metrics":306,"affected":314},"CVE-2024-27199","In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions  was possible",null,[11,26],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-23","Relative Path Traversal","The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as \"..\" that can resolve to a location that is outside of that directory.","weakness","Draft","Base",[19,22],{"id":20,"name":13,"techniques":21},"CAPEC-139",[],{"id":23,"name":24,"techniques":25},"CAPEC-76","Manipulating Web Input to File System Calls",[],{"_key":27,"id":27,"name":28,"description":29,"type":15,"status":30,"abstraction":17,"likelihood_of_exploit":31,"capec":32},"CWE-22","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.","Stable","High",[33,37,41,43,47],{"id":34,"name":35,"techniques":36},"CAPEC-126","Path Traversal",[],{"id":38,"name":39,"techniques":40},"CAPEC-64","Using Slashes and URL Encoding Combined to Bypass Validation Logic",[],{"id":23,"name":24,"techniques":42},[],{"id":44,"name":45,"techniques":46},"CAPEC-78","Using Escaped Slashes in Alternate Encoding",[],{"id":48,"name":49,"techniques":50},"CAPEC-79","Using Slashes in Alternate Encoding",[],[52],{"_key":53,"name":54,"source":55,"url":56,"maturity":57,"reliability_score":58,"verified":59,"type":9,"platforms":60,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_STUUB_RCITY-CVE-2024-27198","Rcity Cve 2024 27198","github","https://github.com/Stuub/RCity-CVE-2024-27198/blob/main/RCity.py","poc",0.3,false,[],[],[],[],[],[],"2024-03-04T17:21:40.081Z","2026-04-21T03:55:31.232Z","Analyzed",{"cisa_kev":70,"cisa_ransomware":59,"cisa_vendor":71,"epss_severity":72,"epss_score":73,"severity":74,"severity_score":75,"severity_version":76,"severity_source":77,"severity_vector":78,"severity_status":68},true,"JetBrains","critical",0.82472,"high",7.3,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",[80,86,91,95],{"url":81,"sources":82,"tags":84},"https://www.jetbrains.com/privacy-security/issues-fixed/",[77,83],"nvd",[85],"Vendor Advisory",{"url":87,"sources":88,"tags":89},"https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive",[77,83],[90],"Press/Media Coverage",{"url":56,"sources":92,"tags":93},[77,83],[94],"Exploit",{"url":96,"sources":97,"tags":98},"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-27199",[77,83],[99,100],"Government Resource","US Government Resource",[102],{"source":103,"vendor":71,"product":104,"date_added":105,"vulnerability_name":106,"short_description":107,"required_action":108,"due_date":109,"known_ransomware_campaign_use":110,"notes":111,"exploitation_type":9},"cisa","TeamCity","2026-04-20","JetBrains TeamCity Relative Path Traversal Vulnerability","JetBrains TeamCity contains a relative path traversal vulnerability that could allow limited admin actions to be performed.","Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","2026-05-04","Unknown","https://www.jetbrains.com/privacy-security/issues-fixed/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-27199",{"date":105,"score":73,"percentile":113},0.99232,[115,119,121,123,125,127,129,131,133,135,137,139,141,143,145,149,151,153,155,157,159,161,163,165,167,169,171,173,177,180,182,184,186,188,190,192,194,196,198,200,202,204,206,208,210,212,214,216,218,220,222,224,226,228,232,234,236,238,240,243,245,247,249,251,253,255,257,259,261,263,265,267,269,271,273,275,277,279,281,283,285,287,289,291,293,295,297,299,301,303],{"date":116,"score":117,"percentile":118},"2025-11-04",0.94489,0.99999,{"date":120,"score":117,"percentile":118},"2025-11-05",{"date":122,"score":117,"percentile":118},"2025-11-06",{"date":124,"score":117,"percentile":118},"2025-11-07",{"date":126,"score":117,"percentile":118},"2025-11-08",{"date":128,"score":117,"percentile":118},"2025-11-09",{"date":130,"score":117,"percentile":118},"2025-11-10",{"date":132,"score":117,"percentile":118},"2025-11-11",{"date":134,"score":117,"percentile":118},"2025-11-12",{"date":136,"score":117,"percentile":118},"2025-11-13",{"date":138,"score":117,"percentile":118},"2025-11-14",{"date":140,"score":117,"percentile":118},"2025-11-15",{"date":142,"score":117,"percentile":118},"2025-11-16",{"date":144,"score":117,"percentile":118},"2025-11-17",{"date":146,"score":147,"percentile":148},"2025-11-18",0.9447,1,{"date":150,"score":147,"percentile":118},"2025-11-19",{"date":152,"score":147,"percentile":118},"2025-11-20",{"date":154,"score":117,"percentile":118},"2025-11-21",{"date":156,"score":117,"percentile":118},"2025-11-22",{"date":158,"score":117,"percentile":118},"2025-11-23",{"date":160,"score":117,"percentile":118},"2025-11-24",{"date":162,"score":117,"percentile":118},"2025-11-25",{"date":164,"score":117,"percentile":118},"2025-11-26",{"date":166,"score":117,"percentile":118},"2025-11-27",{"date":168,"score":117,"percentile":118},"2025-11-28",{"date":170,"score":117,"percentile":118},"2025-11-29",{"date":172,"score":117,"percentile":118},"2025-11-30",{"date":174,"score":175,"percentile":176},"2025-12-01",0.94398,0.99972,{"date":178,"score":175,"percentile":179},"2025-12-02",0.99973,{"date":181,"score":175,"percentile":179},"2025-12-03",{"date":183,"score":117,"percentile":118},"2025-12-04",{"date":185,"score":117,"percentile":118},"2025-12-05",{"date":187,"score":117,"percentile":118},"2025-12-06",{"date":189,"score":117,"percentile":118},"2025-12-07",{"date":191,"score":117,"percentile":118},"2025-12-08",{"date":193,"score":117,"percentile":118},"2025-12-09",{"date":195,"score":117,"percentile":118},"2025-12-10",{"date":197,"score":117,"percentile":118},"2025-12-11",{"date":199,"score":117,"percentile":118},"2025-12-12",{"date":201,"score":117,"percentile":118},"2025-12-13",{"date":203,"score":117,"percentile":118},"2025-12-14",{"date":205,"score":117,"percentile":118},"2025-12-15",{"date":207,"score":117,"percentile":118},"2025-12-16",{"date":209,"score":117,"percentile":118},"2025-12-17",{"date":211,"score":117,"percentile":118},"2025-12-18",{"date":213,"score":117,"percentile":118},"2025-12-19",{"date":215,"score":117,"percentile":118},"2025-12-20",{"date":217,"score":117,"percentile":118},"2025-12-21",{"date":219,"score":117,"percentile":118},"2025-12-22",{"date":221,"score":117,"percentile":118},"2025-12-23",{"date":223,"score":117,"percentile":118},"2025-12-24",{"date":225,"score":117,"percentile":118},"2025-12-25",{"date":227,"score":117,"percentile":118},"2025-12-26",{"date":229,"score":230,"percentile":231},"2025-12-27",0.94476,0.99998,{"date":233,"score":117,"percentile":118},"2025-12-28",{"date":235,"score":117,"percentile":118},"2025-12-29",{"date":237,"score":117,"percentile":118},"2025-12-30",{"date":239,"score":117,"percentile":118},"2025-12-31",{"date":241,"score":175,"percentile":242},"2026-01-01",0.99974,{"date":244,"score":175,"percentile":242},"2026-01-02",{"date":246,"score":175,"percentile":242},"2026-01-03",{"date":248,"score":117,"percentile":118},"2026-01-04",{"date":250,"score":117,"percentile":118},"2026-01-05",{"date":252,"score":117,"percentile":118},"2026-01-06",{"date":254,"score":117,"percentile":118},"2026-01-07",{"date":256,"score":117,"percentile":118},"2026-01-08",{"date":258,"score":117,"percentile":118},"2026-01-09",{"date":260,"score":117,"percentile":118},"2026-01-10",{"date":262,"score":117,"percentile":118},"2026-01-11",{"date":264,"score":117,"percentile":118},"2026-01-12",{"date":266,"score":117,"percentile":118},"2026-01-13",{"date":268,"score":117,"percentile":118},"2026-01-14",{"date":270,"score":117,"percentile":118},"2026-01-15",{"date":272,"score":117,"percentile":118},"2026-01-16",{"date":274,"score":117,"percentile":118},"2026-01-17",{"date":276,"score":117,"percentile":118},"2026-01-18",{"date":278,"score":117,"percentile":118},"2026-01-19",{"date":280,"score":117,"percentile":118},"2026-01-20",{"date":282,"score":117,"percentile":118},"2026-01-21",{"date":284,"score":117,"percentile":118},"2026-01-22",{"date":286,"score":117,"percentile":118},"2026-01-23",{"date":288,"score":117,"percentile":118},"2026-01-24",{"date":290,"score":117,"percentile":118},"2026-01-25",{"date":292,"score":117,"percentile":118},"2026-01-26",{"date":294,"score":117,"percentile":118},"2026-01-27",{"date":296,"score":117,"percentile":118},"2026-01-28",{"date":298,"score":117,"percentile":118},"2026-01-29",{"date":300,"score":117,"percentile":118},"2026-01-30",{"date":302,"score":117,"percentile":118},"2026-01-31",{"date":304,"score":175,"percentile":305},"2026-02-01",0.99976,[307,312],{"source":77,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":308,"cvss_v4_0":9},{"baseScore":75,"baseSeverity":309,"vectorString":78,"impactScore":310,"exploitabilityScore":311},"HIGH",5.7,10,{"source":83,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":313,"cvss_v4_0":9},{"baseScore":75,"baseSeverity":309,"vectorString":78,"impactScore":310,"exploitabilityScore":311},[315],{"ecosystem":9,"name":316,"vendor":317,"product":316,"cpe_part":318,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":319},"teamcity","jetbrains","a",[320],{"version":321,"is_range":70,"range_type":322,"version_start":9,"version_start_type":9,"version_end":323,"version_end_type":324,"fixed_in":9},"lt2023.11.4","cpe","2023.11.4","excluding"]