The version of JetBrains TeamCity installed on the remote host is prior to 2024.7.3. It is, therefore, affected by multiple vulnerabilities: In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API (CVE-2024-47161) In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups (CVE-2024-47948) In JetBrains TeamCity before 2024.07.3 path traversal allowed backup file write to arbitrary location (CVE-2024-47949) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version…Read More