Security News > 2024 > March > Critical JetBrains TeamCity On-Premises Flaws Could Lead to Server Takeovers
2024-03-05 03:34
A new pair of security vulnerabilities have been disclosed in JetBrains TeamCity On-Premises software that could be exploited by a threat actor to take control of affected systems. The flaws, tracked as CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score: 7.3), have been addressed in version 2023.11.4. They impact all TeamCity On-Premises versions through 2023.11.3. “The
News URL
https://thehackernews.com/2024/03/critical-jetbrains-teamcity-on-premises.html
Related news
- Critical Zimbra RCE flaw exploited to backdoor servers using emails (source)
- GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access (source)
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability (source)
- VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) (source)
- VMware fixes bad patch for critical vCenter Server RCE flaw (source)
- Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-04 | CVE-2024-27199 | In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible | 0.0 |
| 2024-03-04 | CVE-2024-27198 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | 9.8 |