Monday, September 2, 2024

1000+ JetBrains TeamCity Instances Vulnerable to RCE Attacks


A critical security vulnerability was detected in TeamCity On-Premises, tracked as CVE-2024-23917, with a CVSS score of 9.8.

An unauthenticated attacker with HTTP(S) access to a TeamCity server could bypass authentication checks and gain administrative control of that TeamCity server if the vulnerability is exploited.

TeamCity is a build management and continuous integration server developed by JetBrains that can be installed on-premises or used as a cloud service.

This flaw, identified as an Authentication Bypass Using an Alternate Path or Channel vulnerability (CWE-288), carries a high risk of damage and exploitability.

Remote code execution (RCE) attacks that don't require user interaction can exploit this vulnerability.

All TeamCity On-Premises versions from 2017.1 through 2023.11.2 are vulnerable.

TeamCity Cloud servers have already been patched and verified not to be compromised.

Instances Exposed to the Internet

Shadowserver has observed that 1052 vulnerable JetBrains TeamCity instances were exposed to the Internet.

Most exposed instances are found in the US (332 instances) and Germany (120 instances).

The issue has been patched in version 2023.11.3, and JetBrains has notified its customers.

“We strongly advise all TeamCity On-Premises customers to update their servers to 2023.11.3 to eradicate the vulnerability,” JetBrains said.

If you are unable to update your server to version 2023.11.3, JetBrains has released a security patch plugin that allows you to still patch your environment.

Security patch plugin: TeamCity 2018.2+ | TeamCity 2017.1, 2017.2, and 2018.1

“If your server is publicly accessible over the web and you are unable to take one of the above mitigation steps instantly, we suggest briefly making it inaccessible until mitigation actions have been accomplished,” the company said.
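
The affected range and the two patch plugin builds listed above can be turned into a quick triage over a server inventory. This is an added example, not code from JetBrains or the original article; the function names are hypothetical and the hostnames and version strings are constructed. A version string alone cannot show whether the patch plugin is installed, so an "affected" result means the host still needs to be checked or updated.

```python
import re

# Version boundaries as stated in the article.
FIRST_AFFECTED = (2017, 1, 0)
FIXED_IN = (2023, 11, 3)
PLUGIN_SPLIT = (2018, 2, 0)  # plugin builds: "2018.2+" and "2017.1, 2017.2, 2018.1"

VERSION_RE = re.compile(r"\b(\d{4})\.(\d{1,2})(?:\.(\d+))?\b")

def parse_version(text):
    """Extract a TeamCity version such as '2023.05.4' as a comparable tuple."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no TeamCity version found in {text!r}")
    # A missing third component ("2017.1") is treated as 0.
    return tuple(int(part or 0) for part in m.groups())

def triage(version_text):
    """Return (status, plugin_build); plugin_build is None unless affected."""
    v = parse_version(version_text)
    if v >= FIXED_IN:
        return ("fixed", None)
    if v < FIRST_AFFECTED:
        return ("outside advisory range", None)
    build = "2018.2+" if v >= PLUGIN_SPLIT else "2017.1, 2017.2, 2018.1"
    return ("affected", build)

def affected_hosts(inventory):
    """Map host -> applicable plugin build for every host that needs action."""
    out = {}
    for host, version_text in inventory.items():
        status, build = triage(version_text)
        if status == "affected":
            out[host] = build
    return out

# Constructed inventory: hostnames and version strings are sample data.
SAMPLE_INVENTORY = {
    "ci-01.example.internal": "TeamCity 2023.11.2",
    "ci-02.example.internal": "2023.11.3",
    "ci-03.example.internal": "2018.1.5",
    "ci-04.example.internal": "TeamCity Professional 2023.05.4",
}

if __name__ == "__main__":
    for host, build in affected_hosts(SAMPLE_INVENTORY).items():
        print(f"{host}: update to 2023.11.3 or apply patch plugin ({build})")
```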
