JetBrains reports critical auth bypass flaw in TeamCity auth

published: Feb. 6, 2024

Take action: If you are running a self-hosted TeamCity instance, patch or update it immediately or isolate the instance from the public internet until you complete patching or updates.

Learn More

JetBrains has issued an alert to customers about a critical vulnerability in TeamCity On-Premises servers.

The vulnerability, tracked as CVE-2024-23917 (CVSS score 9.8) is an authentication bypass flaw that could allow attackers to gain administrative control over affected servers without needing to authenticate.

It affects all TeamCity On-Premises versions from 2017.1 to 2023.11.2 and can facilitate remote code execution (RCE) attacks that do not require user interaction.

The vulnerability has been resolved in version 2023.11.3, following its discovery by an external security researcher on January 19, 2024.

To mitigate this risk, JetBrains recommends updating TeamCity On-Premises servers to version 2023.11.3. For those unable to immediately upgrade, a security patch plugin is available for versions running TeamCity 2018.2+ and TeamCity 2017.1, 2017.2, and 2018.1.

TeamCity Cloud servers have been patched, JetBrains has not confirmed any attacks exploiting this vulnerability in the wild. However, considering the nature of the vulnerability and past incidents with similar flaws, the possibility of exploitation cannot be disregarded.

JetBrains reports critical auth bypass flaw in TeamCity auth