CVE-2022-46831

In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators.
References
Configurations

Configuration 1

cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*

Information

Published : 2022-12-08 06:15

Updated : 2022-12-12 04:33


NVD link : CVE-2022-46831

Mitre link : CVE-2022-46831

Products Affected
No products.
CWE
CWE-1188

Insecure Default Initialization of Resource