Advisory No: TZCERT/SA/2024/03/06
Date of First Release: 6th March 2024
Source: JetBrains
Software Affected: TeamCity On-Premises
Overview:
Vulnerabilities exist in JetBrains TeamCity On-Premises software that allow an unauthenticated attacker with HTTP(S) access to a TeamCity server to bypass authentication checks and gain administrative control of that TeamCity server.
CVE-2024-27198 (CVSS base score of 9.8 – Critical): an authentication bypass vulnerability in the web component of TeamCity that arises from an alternative path issue (CWE-288).
CVE-2024-27199 (CVSS base score of 7.3 – High): an authentication bypass vulnerability in the web component of TeamCity that arises from a path traversal issue (CWE-22).
TeamCity Cloud servers have already been patched.
Impact:
Successful exploitation of these vulnerabilities may allow an unauthenticated attacker to bypass the authentication checks and gain administrative control of the TeamCity server.
Solution:
A fix for these vulnerabilities has been released. Users and administrators are encouraged to:
- Update their servers to version 2023.11.4.
- Apply the released security plugin patch if they are unable to update the server. A security patch is available for TeamCity 2018.2 and newer, and a separate one for TeamCity 2018.1 and older.
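An added example, not from the advisory or from JetBrains, that checks whether a server's reported version is at or above the fixed release 2023.11.4. It assumes the TeamCity REST endpoint GET /app/rest/server, whose response carries a "version" attribute on a <server> element; the sample response below is constructed for offline use.

```python
"""Classify a TeamCity On-Premises server as fixed (>= 2023.11.4) or not.

Added example; assumes GET /app/rest/server returns XML like
<server version="2023.11.3 (build 147512)" .../>. Sample data is constructed.
"""
import re
import xml.etree.ElementTree as ET

FIXED_VERSION = (2023, 11, 4)  # release named in the advisory

# Constructed sample of an /app/rest/server response (attribute layout assumed).
SAMPLE_SERVER_XML = (
    '<server version="2023.11.3 (build 147512)" versionMajor="2023" '
    'versionMinor="11" webUrl="https://teamcity.example.internal"/>'
)


def parse_version(version_string: str) -> tuple:
    """Turn '2023.11.3 (build 147512)' into (2023, 11, 3); the build tag is ignored."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", version_string)
    if not m:
        raise ValueError(f"unrecognised TeamCity version: {version_string!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def version_from_server_xml(xml_text: str) -> tuple:
    """Extract the version tuple from a <server> element."""
    root = ET.fromstring(xml_text)
    if root.tag != "server" or "version" not in root.attrib:
        raise ValueError("not a TeamCity <server> element with a version attribute")
    return parse_version(root.attrib["version"])


def is_fixed(version: tuple, fixed: tuple = FIXED_VERSION) -> bool:
    """Numeric (not string) comparison, so 2023.11.10 >= 2023.11.4 and
    a short version such as '2024.03' is treated as (2024, 3, 0)."""
    width = max(len(version), len(fixed))

    def pad(t):
        return t + (0,) * (width - len(t))

    return pad(version) >= pad(fixed)


def assess(xml_text: str) -> str:
    """'fixed' when the server runs 2023.11.4 or later, else 'update-or-patch-required'."""
    return "fixed" if is_fixed(version_from_server_xml(xml_text)) else "update-or-patch-required"


if __name__ == "__main__":
    print(assess(SAMPLE_SERVER_XML))  # → update-or-patch-required
```

A server secured through the security plugin patch still reports its original version, so this check only confirms the update path; servers on the plugin route need to be tracked separately.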
References: