Security News > 2023 > October > CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities

CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities
2023-10-05 09:30

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation, while removing five bugs from the list due to lack of adequate evidence. The vulnerabilities newly added are below - CVE-2023-42793 (CVSS score: 9.8) - JetBrains TeamCity Authentication Bypass Vulnerability


News URL

https://thehackernews.com/2023/10/cisa-warns-of-active-exploitation-of.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-09-19 CVE-2023-42793 Authentication Bypass Using an Alternate Path or Channel vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
network
low complexity
jetbrains CWE-288
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Jetbrains 32 28 273 59 16 376