Security News > 2024 > February > Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover - Patch Now
2024-02-07 05:05
JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over susceptible instances. The vulnerability, tracked as CVE-2024-23917, carries a CVSS rating of 9.8 out of 10, indicative of its severity. "The vulnerability may enable an unauthenticated
News URL
https://thehackernews.com/2024/02/critical-jetbrains-teamcity-on-premises.html
Related news
- Patch now: Critical Nvidia bug allows container escape, complete host takeover (source)
- VMware fixes bad patch for critical vCenter Server RCE flaw (source)
- Progress urges admins to patch critical WhatsUp Gold bugs ASAP (source)
- Critical flaw in NVIDIA Container Toolkit allows full host takeover (source)
- 'Patch yesterday': Zimbra mail servers under siege through RCE vuln (source)
- Critical Zimbra RCE flaw exploited to backdoor servers using emails (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits (source)
- GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access (source)
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2024-23917 | Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible | 9.8 |