CVE-2021-25775

In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.8 LOW
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
VendorProductVersion
jetbrainsteamcity
𝑥
< 2020.2.1
𝑥
= Vulnerable software versions
References
https://blog.jetbrains.com
https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/
https://blog.jetbrains.com
https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/