CVE-2021-31910

7.5 HIGH

📋 TL;DR

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in JetBrains TeamCity that allows attackers to make unauthorized requests from the server to internal systems. It affects TeamCity installations before version 2020.2.3, potentially exposing sensitive internal network information to attackers.

💻 Affected Systems

Products:
  • JetBrains TeamCity
Versions: All versions before 2020.2.3
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all TeamCity installations with default configurations before the patched version.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Attackers could access internal services, retrieve sensitive data, or pivot to other systems within the network environment.

🟠 Likely Case: Information disclosure of internal network resources, potentially exposing configuration data or credentials.

🟢 If Mitigated: Limited impact with proper network segmentation and access controls in place.

🌐 Internet-Facing: HIGH - Internet-facing TeamCity instances are directly exploitable by external attackers.
🏢 Internal Only: MEDIUM - Internal instances still vulnerable to authenticated users or compromised internal systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

SSRF vulnerabilities are commonly exploited and require some level of access to the TeamCity interface.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2020.2.3 or later

Vendor Advisory: https://blog.jetbrains.com/blog/2021/05/07/jetbrains-security-bulletin-q1-2021/

Restart Required: Yes

Instructions:

1. Back up TeamCity configuration and data.
2. Download TeamCity 2020.2.3 or later from JetBrains.
3. Stop the TeamCity service.
4. Install the updated version.
5. Restart the TeamCity service.
6. Verify functionality.

🔧 Temporary Workarounds

Network Segmentation (platform: all)

Restrict TeamCity server's outbound network access to only necessary services

Access Control (platform: all)

Implement strict authentication and authorization controls for TeamCity access

🧯 If You Can't Patch

  • Implement strict network segmentation to limit TeamCity server's outbound connections
  • Monitor TeamCity logs for unusual outbound requests and implement WAF rules to block SSRF patterns

🔍 How to Verify

Check if Vulnerable:

Check TeamCity version in Administration → Server Administration → Server Information

Check Version:

Check TeamCity web interface at Administration → Server Administration → Server Information

Verify Fix Applied:

Confirm version is 2020.2.3 or later in Administration → Server Administration → Server Information

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from TeamCity server
  • Requests to internal IP addresses or services

Network Indicators:

  • TeamCity server making unexpected outbound connections
  • Requests to internal network segments from TeamCity

SIEM Query:

source="teamcity" AND (url="http://internal*" OR url="https://internal*")
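The "requests to internal IP addresses or services" indicator can be checked more broadly than a URL prefix match by classifying each destination host. The following is an added example, not code from JetBrains or from this page; the log line format, the source name `teamcity01` and the internal hostname suffixes are assumptions, and the sample log is constructed.

```python
import ipaddress
import re
from urllib.parse import urlsplit

INTERNAL_SUFFIXES = (".internal", ".corp", ".local")  # assumed internal suffixes
# Constructed egress-proxy log lines (format is assumed, not TeamCity output).
SAMPLE_LOG = """\
2021-05-10T09:14:02Z src=teamcity01 url=https://plugins.jetbrains.com/update
2021-05-10T09:14:40Z src=teamcity01 url=http://10.20.30.40:8080/status
2021-05-10T09:15:11Z src=teamcity01 url=http://169.254.10.20/info
2021-05-10T09:15:30Z src=teamcity01 url=http://[::1]:9000/health
2021-05-10T09:16:05Z src=teamcity01 url=http://wiki.corp/index
2021-05-10T09:16:40Z src=build-agent7 url=http://10.0.0.5/artifact
"""
LINE = re.compile(r"\bsrc=(\S+)\s.*?\burl=(\S+)")


def classify_destination(url):
    """Return why a URL counts as internal, or None for an external host."""
    try:
        host = urlsplit(url).hostname
    except ValueError:
        host = None
    if not host:
        return "unparseable"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:  # not an IP literal: apply hostname rules
        if host == "localhost" or host.endswith(INTERNAL_SUFFIXES):
            return "internal-hostname"
        return None
    # Order matters: loopback and link-local ranges also report is_private.
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"
    return "private" if ip.is_private else None


def find_internal_requests(log_text, source="teamcity01"):
    """Return (url, reason) for each request from `source` to an internal host."""
    hits = []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if m and m.group(1) == source:
            reason = classify_destination(m.group(2))
            if reason:
                hits.append((m.group(2), reason))
    return hits
```

Destinations the server legitimately needs (internal VCS, artifact stores) should be allow-listed before alerting on the remaining hits.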
