TeamCity auth bypass bug exploited to mass-generate admin accounts
2024-03-07 00:19

Hackers have started to exploit the critical-severity authentication bypass vulnerability in TeamCity On-Premises, which JetBrains addressed in an update on Monday.

LeakIX, a search engine for exposed device misconfigurations and vulnerabilities, told BleepingComputer that a little over 1,700 TeamCity servers have yet to receive the fix.

"Compromising a TeamCity server allows an attacker full control over all TeamCity projects, builds, agents and artifacts, and as such is a suitable vector to position an attacker to perform a supply chain attack" - Rapid7.

JetBrains announced on Monday the release of TeamCity 2023.11.4 with a fix for CVE-2024-27198, encouraging all users to update instances to the latest version.


News URL

https://www.bleepingcomputer.com/news/security/teamcity-auth-bypass-bug-exploited-to-mass-generate-admin-accounts/

Related Vulnerability

Date: 2024-03-04
CVE: CVE-2024-27198
Vulnerability title: Unspecified vulnerability in JetBrains TeamCity
Description: In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
Vendor: jetbrains
Attack vector: network
Attack complexity: low
Risk: critical (9.8)