CVE-2021-26310

7.5 HIGH

📋 TL;DR

This vulnerability in the TeamCity IntelliJ plugin allows denial-of-service attacks that crash the plugin or the IDE. It affects developers using IntelliJ IDEA with the TeamCity plugin installed. All plugin versions before 2020.2.2.85899 are affected.

💻 Affected Systems

Products:
  • JetBrains IntelliJ IDEA TeamCity plugin
Versions: All versions before 2020.2.2.85899
Operating Systems: Windows, macOS, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects IntelliJ IDEA installations with the TeamCity plugin enabled.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete disruption of development workflow with IntelliJ IDEA crashing or becoming unresponsive, potentially causing data loss in unsaved work.

🟠 Likely Case

Temporary disruption of the TeamCity plugin functionality within IntelliJ IDEA, requiring restart of the IDE to restore normal operation.

🟢 If Mitigated

Minimal impact with proper plugin management and version control practices in place.

🌐 Internet-Facing: LOW - This is a client-side plugin vulnerability, not a server-side issue.
🏢 Internal Only: MEDIUM - Affects developer workstations but requires local access or malicious plugin interaction.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires interaction with the TeamCity plugin within the IntelliJ IDEA environment.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2020.2.2.85899 and later

Vendor Advisory: https://blog.jetbrains.com/blog/2021/05/07/jetbrains-security-bulletin-q1-2021/

Restart Required: Yes

Instructions:

1. Open IntelliJ IDEA.
2. Go to File → Settings → Plugins.
3. Find TeamCity plugin.
4. Click Update or install version 2020.2.2.85899+.
5. Restart IntelliJ IDEA.

🔧 Temporary Workarounds

  • Disable TeamCity plugin (all platforms): Temporarily disable the vulnerable plugin until patching is possible.
  • Use alternative TeamCity integration (all platforms): Use TeamCity web interface or command line tools instead of the IntelliJ plugin.

🧯 If You Can't Patch

  • Restrict plugin usage to trusted TeamCity servers only
  • Implement developer workstation isolation to limit blast radius

🔍 How to Verify

Check if Vulnerable:

Check plugin version in IntelliJ IDEA: File → Settings → Plugins → TeamCity → check version number

Check Version:

No command line check - must be verified through IntelliJ IDEA GUI

Verify Fix Applied:

Verify plugin version is 2020.2.2.85899 or higher in plugin settings

📡 Detection & Monitoring

Log Indicators:

  • IntelliJ IDEA crash logs
  • TeamCity plugin error messages in IDE logs

Network Indicators:

  • Unusual TeamCity server connection patterns from IDE

SIEM Query:

source="intellij_logs" AND ("TeamCity plugin crash" OR "plugin error")
