Security News > 2024 > February > JetBrains warns of new TeamCity auth bypass vulnerability

JetBrains warns of new TeamCity auth bypass vulnerability
2024-02-06 17:30

JetBrains urged customers today to patch their TeamCity On-Premises servers against a critical authentication bypass vulnerability that can let attackers take over vulnerable instances with admin privileges.

Tracked as CVE-2024-23917, this critical severity flaw impacts all versions of TeamCity On-Premises from 2017.1 through 2023.11.2 and can be exploited in remote code execution attacks that don't require user interaction.

"We strongly advise all TeamCity On-Premises users to update their servers to 2023.11.3 to eliminate the vulnerability," JetBrains said.

Customers who cannot immediately upgrade can also use a security patch plugin to secure servers running TeamCity 2018.2+ and TeamCity 2017.1, 2017.2, and 2018.1.

While the company says that all TeamCity Cloud servers have been patched and there is no evidence they've been attacked, it has yet to reveal if CVE-2024-23917 has been targeted in the wild to hijack Internet-exposed TeamCity On-Premises servers.

Shadowserver is tracking more than 2,000 TeamCity servers exposed online, although there is no way to know how many have already been patched.


News URL

https://www.bleepingcomputer.com/news/security/jetbrains-warns-of-new-teamcity-auth-bypass-vulnerability/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-02-06 CVE-2024-23917 Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible
network
low complexity
jetbrains CWE-306
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Jetbrains 32 16 236 121 46 419