In a recent development, JetBrains has swiftly responded to two critical security vulnerabilities in their TeamCity On-Premises software, ensuring the protection of users’ systems. These vulnerabilities, identified as CVE-2024-27198 and CVE-2024-27199, have been addressed in the latest version, 2023.11.4. Users are urged to update their systems promptly to avoid potential exploitation.
CVE-2024-27198, with a CVSS score of 9.8, poses a significant threat as it allows remote unauthenticated attackers to bypass authentication mechanisms, gaining administrative control over the affected TeamCity server. This exploit grants the attacker full access to projects, builds, agents, and artifacts, presenting a concerning vector for potential supply chain attacks. Rapid7, the cybersecurity firm that discovered and reported the vulnerabilities on February 20, 2024, highlights the severity of this flaw and the potential ramifications of a compromised server.
Similarly, CVE-2024-27199, rated at 7.3 on the CVSS scale, presents an authentication bypass vulnerability resulting from a path traversal issue. This flaw permits attackers to manipulate HTTPS certificates and alter the port number for the HTTPS service, potentially leading to denial-of-service attacks or enabling adversaries-in-the-middle scenarios. Rapid7 underscores the implications of this vulnerability, emphasizing the importance of immediate action to mitigate risks.
It’s worth noting that JetBrains has already patched TeamCity Cloud instances, ensuring the security of cloud-based deployments. However, on-premises installations remain vulnerable unless updated to the latest version. Failure to address these vulnerabilities could expose organizations to severe security risks, including unauthorized access, data breaches, and system compromise.
This development follows closely on the heels of JetBrains’ previous security patch (CVE-2024-23917), underscoring the ongoing efforts to fortify TeamCity against emerging threats. Given the history of active exploitation of TeamCity vulnerabilities by threat actors, including those from North Korea and Russia, proactive measures are imperative to safeguard critical infrastructure.
In light of these security concerns, users are strongly advised to prioritize updating their TeamCity On-Premises installations to version 2023.11.4 or newer. JetBrains remains committed to enhancing the security posture of their products and collaborating with the cybersecurity community to identify and mitigate potential risks.
By promptly applying these patches and staying vigilant against emerging threats, organizations can bolster their defenses and mitigate the risk of unauthorized access or compromise. Remember, proactive security measures today ensure a safer tomorrow for your digital infrastructure. Stay informed, stay secure, and stay protected with JetBrains TeamCity.
Interesting Article : Phobos Ransomware: U.S. Warns Against Cyber Threats to Critical Infrastructure