Security News > 2024 > February > Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover - Patch Now
2024-02-07 05:05
JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over susceptible instances. The vulnerability, tracked as CVE-2024-23917, carries a CVSS rating of 9.8 out of 10, indicative of its severity. "The vulnerability may enable an unauthenticated
News URL
https://thehackernews.com/2024/02/critical-jetbrains-teamcity-on-premises.html
Related news
- Critical JetBrains TeamCity On-Premises Flaws Could Lead to Server Takeovers (source)
- Critical vulnerabilities in TeamCity JetBrains fixed, release of technical details imminent, patch quickly! (CVE-2024-27198, CVE-2024-27199) (source)
- Exploit available for new critical TeamCity auth bypass bug, patch now (source)
- March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V (source)
- A critical vulnerability in Delinea Secret Server allows auth bypass, admin access (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-06 | CVE-2024-23917 | Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible | 9.8 |