The U.S. Cybersecurity and Infrastructure Security Agency (CISA) the CVE-2024-27198 (CVSS Score 9.8) JetBrains TeamCity authentication bypass vulnerability to its .
This week Rapid7 researchers disclosed two new critical security vulnerabilities, tracked as (CVSS score: 9.8) and (CVSS score:7.3), in JetBrains TeamCity On-Premises.
An attacker can exploit the vulnerabilities to take control of affected systems.
Below are the descriptions for these vulnerabilities:
“The vulnerabilities may enable an unauthenticated attacker with HTTP(S) access to a TeamCity server to bypass authentication checks and gain administrative control of that TeamCity server.” reads the published by JetBrains.
The flaws impact all TeamCity On-Premises versions through 2023.11.3, it was addressed with the release of .
The company also released a security patch plugin for those customers who are unable to patch their systems.
The two flaws were discovered by Stephen Fewer, Principal Security Researcher at Rapid7, were disclosed following .
Rapid7 published a detailed analysis of the two flaws .
Describing the flaw CVE-2024-27198, the researchers pointed out that an unauthenticated attacker can use a specially crafted URL to bypass all authentication checks. A remote unauthenticated attacker can exploit this flaw to take complete control of a vulnerable TeamCity server.
According to , FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.
Experts recommend also private organizations review the and address the vulnerabilities in their infrastructure.
CISA orders federal agencies to fix this vulnerability by March 28, 2024.
Follow me on Twitter: and and Mastodon
(SecurityAffairs – Hacking, Known Exploited Vulnerabilities catalog)