In JetBrains TeamCity prior to 2023.11.4 authentication bypass allowing to perform admin actions was possible
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jetbrains teamcity |
TeamCity auth bypass bug exploited to mass-generate admin accounts By Ionut Ilascu March 6, 2024 07:19 PM 0 Hackers have started to exploit the critical-severity authentication bypass vulnerability (CVE-2024-27198) in TeamCity On-Premises, which JetBrains addressed in an update on Monday. Exploitation appears to be massive, with hundreds of new users created on unpatched instances of TeamCity exposed on the public web. Risk of supply-chain attacks LeakIX, a search engine for exposed device misco...
Critical TeamCity flaw now widely exploited to create admin accounts By Ionut Ilascu March 6, 2024 07:19 PM 0 Hackers have started to exploit the critical-severity authentication bypass vulnerability (CVE-2024-27198) in TeamCity On-Premises, which JetBrains addressed in an update on Monday. Exploitation appears to be massive, with hundreds of new users created on unpatched instances of TeamCity exposed on the public web. Risk of supply-chain attacks LeakIX, a search engine for exposed device mis...
Exploit available for new critical TeamCity auth bypass bug, patch now By Ionut Ilascu March 4, 2024 05:42 PM 0 A critical vulnerability (CVE-2024-27198) in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control of the server with administrative permissions. Since full technical details to create an exploit are available, administrators are strongly recommended to prioritize addressing the issue by updating to the latest version of the produ...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources More than 1,000 servers remain unpatched and vulnerable Rapid7 throws JetBrains under the bus for 'uncoordinated vulnerability disclosure'
Security researchers are increasingly seeing active exploit attempts using the latest vulnerabilities in JetBrains' TeamCity that in some cases are leading to ransomware deployment. Brody Nisbet, director of threat hunting operations at security shop CrowdStrike, xeeted on Tuesday that telemetry was already showing signs of attacks using a suspected modified version of Jasmin ransomware. Jasmin is an open source red teaming tool that mimics WannaCry and is designed to help organizations simulate...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Exploits began within hours of the original disclosure, so patch now
Updated Security shop Rapid7 is criticizing JetBrains for flouting its policy against silent patching regarding fixes for two fresh vulnerabilities in the TeamCity CI/CD server. Rapid7 says it reported the two TeamCity vulnerabilities in mid-February, claiming JetBrains soon after suggested releasing patches for the flaws before publicly disclosing them. Such a move is typically seen as a no-no by the infosec community, which favors transparency, but there's apparently a time and a place for the...