
JetBrains TeamCity CVE-2024-27199

Severity: HIGH
Weakness: Relative Path Traversal (CWE-23)
Published: 2024-03-04 (CNA: cve@jetbrains.com)
CVSS 3.1 base score: 7.3

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: Low

Lifecycle Timeline

1. Added to CISA KEV: Apr 20, 2026, 20:46 (source: CISA)

Description (NVD)

In JetBrains TeamCity before 2023.11.4, path traversal allowing to perform limited admin actions was possible.

Analysis (AI-generated)

Path traversal in JetBrains TeamCity before 2023.11.4 enables remote attackers to perform a limited set of administrative actions by bypassing authentication controls on specific endpoints. The vulnerability is confirmed as actively exploited (listed in CISA KEV), public exploit code is available, and it carries an EPSS score of 82.47% (99th percentile), placing it among the highest-probability exploitation targets currently tracked.

Technical Context (AI-generated)

JetBrains TeamCity is a widely deployed continuous integration and build management server used in CI/CD pipelines, and it often holds source code access, deployment credentials, and signing keys. The root cause is CWE-23 (Relative Path Traversal): insufficient validation of user-supplied path components lets an attacker reach endpoints or resources outside the intended directory scope. In this case the traversal targets administrative servlet paths, so requests that should require admin authentication reach handlers without proper authorization checks. The affected component is identified by the CPE cpe:2.3:a:jetbrains:teamcity for all versions prior to 2023.11.4.

Remediation (AI-generated)

Vendor-released patch: upgrade to JetBrains TeamCity 2023.11.4 or later. This is the primary and recommended remediation per the JetBrains advisory referenced in the CVE record (CNA: cve@jetbrains.com). For environments that cannot patch immediately, restrict network access to the TeamCity web interface by placing it behind a VPN or an IP-allowlisted reverse proxy, so that only trusted operator networks can reach administrative endpoints; the trade-off is that remote developers and external integrations lose direct access until the server is patched. Additionally, because exploitation is confirmed in the wild, audit administrative accounts, recently created users, and authentication tokens for unauthorized changes after any period of exposure, and rotate any credentials, SSH keys, or signing material stored in TeamCity.
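A defender-side check for the mechanism described in the technical context and for the post-exposure audit above: the script below is an added example, not code from the vuln.today page or from TeamCity, and it resolves request paths the way a router would, then flags access-log requests that land under an admin prefix only by way of `..` segments (including percent- and double-encoded forms). The `/admin/` prefix, the common-log-format regex and the sample lines are assumptions constructed for the example; the placeholder `EXAMPLE-ACTION` stands in for any admin route.

```python
import re
from urllib.parse import unquote

# Assumed admin prefix for illustration; TeamCity's real admin routes are not taken from this page.
ADMIN_PREFIXES = ("/admin/",)

# Common-log-format line: client - - [timestamp] "METHOD PATH PROTO" status size
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3})')

def fully_decode(path):
    # Percent-decode until stable so %252e-style double encoding is unwrapped.
    prev = None
    while prev != path:
        prev, path = path, unquote(path)
    return path

def normalize_path(raw):
    # Resolve as a router or file system would: drop query, decode, fold backslashes, collapse '.' and '..'.
    out = []
    for seg in fully_decode(raw.split("?", 1)[0]).replace("\\", "/").split("/"):
        if seg == "..":
            if out:
                out.pop()
        elif seg not in ("", "."):
            out.append(seg)
    return "/" + "/".join(out)

def reaches_admin_by_traversal(raw):
    # True when the resolved path is under an admin prefix although the literal request did not start there.
    literal = fully_decode(raw.split("?", 1)[0])
    resolved = normalize_path(raw)
    return any(resolved.startswith(p) and not literal.startswith(p) for p in ADMIN_PREFIXES)

def scan_log(lines):
    # Return the suspicious requests found in an iterable of access-log lines.
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and reaches_admin_by_traversal(m.group("path")):
            hits.append({"ip": m.group("ip"), "raw": m.group("path"), "status": int(m.group("status")),
                         "resolved": normalize_path(m.group("path"))})
    return hits

# Constructed sample lines (not real TeamCity logs); EXAMPLE-ACTION is a placeholder route.
SAMPLE_LOG = [
    '203.0.113.5 - - [04/Mar/2024:10:00:01 +0000] "GET /public/..%2fadmin/EXAMPLE-ACTION HTTP/1.1" 200 512',
    '203.0.113.5 - - [04/Mar/2024:10:00:02 +0000] "GET /public/%252e%252e/admin/EXAMPLE-ACTION HTTP/1.1" 200 512',
    '198.51.100.7 - - [04/Mar/2024:10:00:03 +0000] "GET /admin/EXAMPLE-ACTION HTTP/1.1" 302 0',
    '198.51.100.7 - - [04/Mar/2024:10:00:04 +0000] "GET /public/style.css HTTP/1.1" 200 2048',
]
```

A 200 on a flagged request is the signal to act on: a patched server, or a proxy that normalizes before enforcing its allowlist, should never answer such a request with success.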


CVE-2024-27199 vulnerability details – vuln.today
