CVE-2023-42793 - JetBrains TeamCity Authentication Bypass Vulnerability

CVE-2023-42793: JetBrains | TeamCity

Date Added:
2023-10-04

Due Date:
2023-10-25

Vulnerability Name: JetBrains TeamCity Authentication Bypass Vulnerability

Description: JetBrains TeamCity contains an authentication bypass vulnerability that allows for remote code execution on TeamCity Server.

Known To Be Used in Ransomware Campaigns?: Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: https://blog.jetbrains.com/teamcity/2023/09/critical-security-issue-affecting-teamcity-on-premises-update-to-2023-05-4-now/ ; https://nvd.nist.gov/vuln/detail/CVE-2023-42793

Related News Articles

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network ReconnaissanceOctober 11, 2024

US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity serversOctober 11, 2024

Free security scan for your website

Don't show website scan report rating on the leaderboard