CVE-2023-42793 - JetBrains TeamCity Authentication Bypass Vulnerability

Vulnerability Name

JetBrains TeamCity Authentication Bypass Vulnerability

Description

JetBrains TeamCity contains an authentication bypass vulnerability that allows for remote code execution on TeamCity Server.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://blog.jetbrains.com/teamcity/2023/09/critical-security-issue-affecting-teamcity-on-premises-update-to-2023-05-4-now/

https://nvd.nist.gov/vuln/detail/CVE-2023-42793

Related News Articles

BadPilot network hacking campaign fuels Russian SandWorm attacksFebruary 13, 2025

Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ CountriesFebruary 13, 2025

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network ReconnaissanceOctober 11, 2024

US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity serversOctober 11, 2024