JetBrain urges to fix critical TeamCity On-Premises vulnerabilities
Software developer JetBrains is urging customers to immediately patch two critical security vulnerabilities impacting its popular TeamCity On-Premises continuous integration and continuous delivery (CI/CD) server.
Tracked as CVE-2024-27198 and CVE-2024-27199, the flaws are described as an improper authentication issue, which could lead to the system takeover. The flaws may allow an unauthenticated attacker with HTTP(S) access to a TeamCity server to bypass authentication checks and gain administrative control of that TeamCity server.
The flaws impact all TeamCity On-Premises versions through 2023.11.3. The issues have been fixed in version 2023.11.4.
JetBrains’ Daniel Gallo notes that currently there’s no indication that any of the above mentioned vulnerabilities have been exploited in the wild. However, the developer recommends customers patch the flaws as soon as possible, given that several nation-state threat actors, including Russian APT29 and North Korean Lazarus and Andariel, as well as ransomware gangs, have been seen abusing TeamCity bugs in the past.
Latest Posts
Cyber Security Week in Review: September 6, 2024
In brief: the US charges Russian GRU hackers for attacks on Ukraine, Apache, Cisco, Zyxel patch high-risk flaws, Google fixes Android zero-day, and more.
Threat actors using MacroPack Red Team framework to deploy Brute Ratel, Havoc and PhantomCore
Some of the documents appeared to be part of legitimate Red Team exercises, while other were intended for malicious purposes.
US seizes 32 domains linked to Russian Doppelganger influence campaign
The domains, used to disseminate propaganda, were seized as part of a broader effort to disrupt Russia’s attempts to interfere in the 2024 US Presidential Election.