Sign-up

ID

VAR-202105-1412


CVE

CVE-2021-31914


TITLE

JetBrains TeamCity  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-006644

DESCRIPTION

In JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible. JetBrains TeamCity Contains an unspecified vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. TeamCity is a Java-based build management and continuous integration server launched by JetBrains

Trust: 2.25

sources: NVD: CVE-2021-31914 // JVNDB: JVNDB-2021-006644 // CNVD: CNVD-2021-34750 // VULMON: CVE-2021-31914

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-34750

AFFECTED PRODUCTS

vendor:jetbrainsmodel:teamcityscope:ltversion:2020.2.4

Trust: 1.6

vendor:jetbrainsmodel:teamcityscope:eqversion: -

Trust: 0.8

vendor:jetbrainsmodel:teamcityscope:eqversion:2020.2.4

Trust: 0.8

sources: CNVD: CNVD-2021-34750 // JVNDB: JVNDB-2021-006644 // NVD: CVE-2021-31914

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-31914
value: CRITICAL

Trust: 1.0

NVD: CVE-2021-31914
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2021-34750
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202105-690
value: CRITICAL

Trust: 0.6

VULMON: CVE-2021-31914
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-31914
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2021-34750
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2021-31914
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-31914
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2021-34750 // VULMON: CVE-2021-31914 // JVNDB: JVNDB-2021-006644 // CNNVD: CNNVD-202105-690 // NVD: CVE-2021-31914

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-006644 // NVD: CVE-2021-31914

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202105-690

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202105-690

PATCH

title:The JetBrains Blog JetBrainsurl:https://blog.jetbrains.com

Trust: 0.8

title:Patch for JetBrains TeamCity arbitrary code execution vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/265181

Trust: 0.6

title:Jetbrains JetBrains TeamCity Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=151107

Trust: 0.6

sources: CNVD: CNVD-2021-34750 // JVNDB: JVNDB-2021-006644 // CNNVD: CNNVD-202105-690

EXTERNAL IDS

db:NVDid:CVE-2021-31914

Trust: 3.9

db:JVNDBid:JVNDB-2021-006644

Trust: 0.8

db:CNVDid:CNVD-2021-34750

Trust: 0.6

db:CNNVDid:CNNVD-202105-690

Trust: 0.6

db:VULMONid:CVE-2021-31914

Trust: 0.1

sources: CNVD: CNVD-2021-34750 // VULMON: CVE-2021-31914 // JVNDB: JVNDB-2021-006644 // CNNVD: CNNVD-202105-690 // NVD: CVE-2021-31914

REFERENCES

url:https://blog.jetbrains.com/blog/2021/05/07/jetbrains-security-bulletin-q1-2021/

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-31914

Trust: 1.4

url:https://blog.jetbrains.com

Trust: 1.1

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2021-34750 // VULMON: CVE-2021-31914 // JVNDB: JVNDB-2021-006644 // CNNVD: CNNVD-202105-690 // NVD: CVE-2021-31914

SOURCES

db:CNVDid:CNVD-2021-34750
db:VULMONid:CVE-2021-31914
db:JVNDBid:JVNDB-2021-006644
db:CNNVDid:CNNVD-202105-690
db:NVDid:CVE-2021-31914

LAST UPDATE DATE

2024-08-14T14:25:19.412000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-34750date:2021-05-16T00:00:00
db:VULMONid:CVE-2021-31914date:2021-05-17T00:00:00
db:JVNDBid:JVNDB-2021-006644date:2022-01-14T09:05:00
db:CNNVDid:CNNVD-202105-690date:2021-05-19T00:00:00
db:NVDid:CVE-2021-31914date:2021-05-17T14:52:33.267

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-34750date:2021-05-16T00:00:00
db:VULMONid:CVE-2021-31914date:2021-05-11T00:00:00
db:JVNDBid:JVNDB-2021-006644date:2022-01-14T00:00:00
db:CNNVDid:CNNVD-202105-690date:2021-05-11T00:00:00
db:NVDid:CVE-2021-31914date:2021-05-11T13:15:12.880