Security News > 2024 > March > Exploit available for new critical TeamCity auth bypass bug, patch now
A critical vulnerability in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control of the server with administrative permissions.
"Compromising a TeamCity server allows an attacker full control over all TeamCity projects, builds, agents and artifacts, and as such is a suitable vector to position an attacker to perform a supply chain attack" - Rapid7.
Rapid7 demonstrated the severity of the flaw by creating an exploit that generated an authentication and allowed them to get shell access on the target TeamCity server.
If this is not currently possible, a security patch plugin is available for TeamCity 2018.2 and newer as well as for TeamCity 2018.1 and older.
JetBrains warns of new TeamCity auth bypass vulnerability.
ScreenConnect critical bug now under attack as exploit code emerges.
News URL
Related news
- Critical vulnerabilities in TeamCity JetBrains fixed, release of technical details imminent, patch quickly! (CVE-2024-27198, CVE-2024-27199) (source)
- QNAP warns of critical auth bypass flaw in its NAS devices (source)
- March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V (source)
- PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153) (source)
- Exploit released for Fortinet RCE bug used in attacks, patch now (source)
- A critical vulnerability in Delinea Secret Server allows auth bypass, admin access (source)
- Exploit released for Palo Alto PAN-OS bug used in attacks, patch now (source)
- Maximum severity Flowmon bug has a public exploit, patch now (source)