JetBrains reports critical authentication bypass flaw in TeamCity
Take action: If you are running a self-hosted TeamCity instance, patch or update it immediately or isolate the instance from the public internet until you complete patching or updates.
JetBrains has issued an alert to customers about a critical vulnerability in TeamCity On-Premises servers.
The vulnerability, tracked as CVE-2024-23917 (CVSS score 9.8), is an authentication bypass flaw that could allow attackers to gain administrative control over affected servers without needing to authenticate.
The vulnerability has been resolved in version 2023.11.3, following its discovery by an external security researcher on January 19, 2024.
To mitigate this risk, JetBrains recommends updating TeamCity On-Premises servers to version 2023.11.3. For those unable to upgrade immediately, a security patch plugin is available for TeamCity 2018.2 and later, as well as for TeamCity 2017.1, 2017.2, and 2018.1.
TeamCity Cloud servers have already been patched, and JetBrains has not confirmed any attacks exploiting this vulnerability in the wild. However, given the nature of the vulnerability and past incidents involving similar flaws, the possibility of exploitation cannot be disregarded.