JetBrains urges customers to fix critical TeamCity On-Premises vulnerabilities

 


Software developer JetBrains is urging customers to immediately patch two critical security vulnerabilities impacting its popular TeamCity On-Premises continuous integration and continuous delivery (CI/CD) server.

Tracked as CVE-2024-27198 and CVE-2024-27199, the flaws are described as improper authentication issues that could lead to system takeover. They may allow an unauthenticated attacker with HTTP(S) access to a TeamCity server to bypass authentication checks and gain administrative control of that TeamCity server.

The flaws impact all TeamCity On-Premises versions through 2023.11.3. The issues have been fixed in version 2023.11.4.

JetBrains’ Daniel Gallo notes that there is currently no indication that either of the above-mentioned vulnerabilities has been exploited in the wild. However, the developer recommends customers patch the flaws as soon as possible, given that several nation-state threat actors, including Russian APT29 and North Korean Lazarus and Andariel, as well as ransomware gangs, have been seen abusing TeamCity bugs in the past.

