Security News > 2023 > October > CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities
2023-10-05 09:30
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation, while removing five bugs from the list due to lack of adequate evidence. The vulnerabilities newly added are below - CVE-2023-42793 (CVSS score: 9.8) - JetBrains TeamCity Authentication Bypass Vulnerability
News URL
https://thehackernews.com/2023/10/cisa-warns-of-active-exploitation-of.html
Related news
- CISA urges software devs to weed out SQL injection vulnerabilities (source)
- CISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products (source)
- CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability (source)
- CISA urges software devs to weed out path traversal vulnerabilities (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-19 | CVE-2023-42793 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | 9.8 |