Teacher
JetBrains is sounding the alarm and urging an immediate upgrade to the patched version.
Two new security vulnerabilities have been discovered in JetBrains TeamCity On-Premises software that attackers can exploit to take control of affected systems.
The vulnerabilities, tracked as CVE-2024-27198 (CVSS score 9.8) and CVE-2024-27199 (CVSS score 7.3), affect all versions of TeamCity On-Premises up to and including 2023.11.3.
As stated in the JetBrains report, "the vulnerabilities allow an unauthenticated attacker with HTTP(S) access to the TeamCity server to bypass authentication and gain administrative control over the server."
"Compromising the TeamCity server allows an attacker to fully control all TeamCity projects, builds, agents, and artifacts, making it a suitable tool for attacking supply chains," Rapid7, which identified both vulnerabilities, said in a report.
CVE-2024-27199 is likewise an authentication bypass, caused by a path traversal flaw, which lets an unauthenticated attacker replace the HTTPS certificate on a vulnerable TeamCity server with one of their own via the endpoint "/app/https/settings/uploadCertificate" and even change the port on which the HTTPS service listens.
An attacker can use this flaw to cause a denial of service on the TeamCity server, either by changing the HTTPS port number or by uploading a certificate that will fail client-side validation. The uploaded certificate could also enable man-in-the-middle attacks if clients trust it.
Both vulnerabilities are fixed in TeamCity On-Premises version 2023.11.4, so all users are advised to update their installations immediately to avoid compromise. TeamCity Cloud instances have already been patched automatically for all customers.
The disclosure of CVE-2024-27198 and CVE-2024-27199 follows JetBrains' recent patching of another critical vulnerability, CVE-2024-23917 (CVSS score 9.8), which likewise allowed an unauthenticated attacker to gain administrative control over TeamCity servers.
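As an added defender-side illustration (this is not code from the article, JetBrains or Rapid7), the script below checks whether a reported TeamCity version falls inside the affected range stated above and flags access-log lines that touch the certificate-upload endpoint the advisory names or that contain a path-traversal sequence. The access-log format and the sample lines are constructed assumptions.

```python
import re
from typing import List, Tuple

# Endpoint named in the advisory; an unauthenticated hit on it deserves an alert.
SENSITIVE_PATHS = ("/app/https/settings/uploadCertificate",)
FIXED_VERSION = (2023, 11, 4)  # first On-Premises release carrying the fix

# Assumed combined-log style: "ip - user [time] \"METHOD uri PROTO\" status"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>\S+) (?P<uri>\S+) \S+" (?P<status>\d{3})'
)

def is_affected(version: str) -> bool:
    """True when a TeamCity On-Premises version string is <= 2023.11.3."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", version)
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    parsed = (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))
    return parsed < FIXED_VERSION

def classify(line: str) -> List[str]:
    """Reasons a single access-log line deserves attention (empty if none)."""
    m = LOG_RE.match(line)
    if not m:
        return ["unparseable line"]
    uri, user = m.group("uri"), m.group("user")
    path = uri.split("?", 1)[0]
    reasons = []
    if any(p in uri for p in SENSITIVE_PATHS):
        tag = " (unauthenticated)" if user == "-" else ""
        reasons.append("certificate-upload endpoint" + tag)
    if ".." in path or "%2e%2e" in path.lower():
        reasons.append("path-traversal sequence")
    return reasons

def scan(lines: List[str]) -> List[Tuple[str, str, List[str]]]:
    """Return (ip, uri, reasons) for every suspicious line in the log."""
    hits = []
    for line in lines:
        reasons = classify(line)
        if reasons:
            m = LOG_RE.match(line)
            hits.append((m.group("ip") if m else "?", m.group("uri") if m else line, reasons))
    return hits

# Constructed sample log: one benign request, one unauthenticated upload, one traversal.
SAMPLE_LOG = [
    '10.0.0.5 - admin [05/Mar/2024:10:01:02 +0000] "GET /overview.html HTTP/1.1" 200',
    '203.0.113.7 - - [05/Mar/2024:10:02:14 +0000] "POST /app/https/settings/uploadCertificate HTTP/1.1" 200',
    '203.0.113.7 - - [05/Mar/2024:10:02:20 +0000] "GET /img/../app/rest/version HTTP/1.1" 200',
]
```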