In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators.
References
Link | Resource |
---|---|
https://www.jetbrains.com/privacy-security/issues-fixed/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: JetBrains
Published: 2022-12-08T17:38:04.997Z
Updated:
Reserved: 2022-12-08T16:48:49.403Z
Link: CVE-2022-46831
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-12-08T18:15:10.367
Modified: 2022-12-12T16:33:40.160
Link: CVE-2022-46831
JSON object: View
Redhat Information
No data.