Security News > 2024 > March > Critical TeamCity flaw now widely exploited to create admin accounts

Critical TeamCity flaw now widely exploited to create admin accounts
2024-03-07 00:19

Hackers have started to exploit the critical-severity authentication bypass vulnerability in TeamCity On-Premises, which JetBrains addressed in an update on Monday.

LeakIX, a search engine for exposed device misconfigurations and vulnerabilities, told BleepingComputer that a little over 1,700 TeamCity servers have yet to receive the fix.

"Compromising a TeamCity server allows an attacker full control over all TeamCity projects, builds, agents and artifacts, and as such is a suitable vector to position an attacker to perform a supply chain attack" - Rapid7.

CVE-2024-27198 has a critical severity score of 9.8 out of 10 and affects all releases up to 2023.11.4 of the on-premise version of TeamCity.

JetBrains annouced on Monday the release of TeamCity 2023.11.4 with a fix for CVE-2024-27198, encouraging all users to update instances to the latest version.

Exploit available for new critical TeamCity auth bypass bug, patch now.


News URL

https://www.bleepingcomputer.com/news/security/critical-teamcity-flaw-now-widely-exploited-to-create-admin-accounts/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-03-04 CVE-2024-27198 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
network
low complexity
jetbrains
critical
9.8