CVE-2015-1313: Input Validation
First published: Thu Jun 29 2023(Updated: )
JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jetbrains Teamcity | >=8.0<9.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this JetBrains TeamCity vulnerability?
The vulnerability ID for this JetBrains TeamCity vulnerability is CVE-2015-1313.
What is the severity rating of CVE-2015-1313?
The severity rating of CVE-2015-1313 is medium, with a score of 6.5.
What is the affected software for CVE-2015-1313?
JetBrains TeamCity versions 8 and 9 before 9.0.2 are affected by CVE-2015-1313.
How does CVE-2015-1313 allow bypass of account-creation restrictions?
CVE-2015-1313 allows bypass of account-creation restrictions by deducing the required request data from HTML and JavaScript files returned to the web browser after an initial unauthenticated request.
How can I fix CVE-2015-1313?
To fix CVE-2015-1313, it is recommended to update JetBrains TeamCity to version 9.0.2 or later.
- collector/nvd-index
- agent/softwarecombine
- agent/type
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- vendor/jetbrains
- canonical/jetbrains teamcity
- version/jetbrains teamcity/8.0