Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers

2023-09-26 05:00

A critical security vulnerability in the JetBrains TeamCity continuous integration and continuous deployment (CI/CD) software could be exploited by unauthenticated attackers to achieve remote code execution on affected systems. The flaw, tracked as CVE-2023-42793, carries a CVSS score of 9.8 and has been addressed in TeamCity version 2023.05.4 following responsible disclosure on September 6,

News URL

https://thehackernews.com/2023/09/critical-jetbrains-teamcity-flaw-could.html

#critical #sourcecode #CVE-2023-42793

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-19	CVE-2023-42793	Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible network low complexity jetbrains CWE-306 critical	9.8

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Jetbrains		32	16	236	121	46	419