Live Threat Map
JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over susceptible instances.
The vulnerability, tracked as CVE-2024-23917, carries a CVSS rating of 9.8 out of 10, indicative of its severity.
“The vulnerability may enable an unauthenticated attacker with HTTP(S) access to a TeamCity server to bypass authentication checks and gain administrative control of that TeamCity server,” the company said.
The issue impacts all TeamCity On-Premises versions from 2017.1 through 2023.11.2. It has been addressed in version 2023.11.3. An unnamed external security researcher has been credited with discovering and reporting the flaw on January 19, 2024.
Users who are unable to update their servers to version 2023.11.3 can alternately download a security patch plugin to apply fixes for the flaw.
“If your server is publicly accessible over the internet and you are unable to take one of the above mitigation steps immediately, we recommend temporarily making it inaccessible until mitigation actions have been completed,” JetBrains advised.
While there is no evidence that the shortcoming has been abused in the wild, a similar flaw in the same product (CVE-2023-42793, CVSS score: 9.8) came under active exploitation last year within days of public disclosure by multiple threat actors, including ransomware gangs and state-sponsored groups affiliated with North Korea and Russia.
Read the full article here