February 7, 2024 at 04:02AM
JetBrains warns of critical security flaw (CVE-2024-23917) in TeamCity On-Premises software, allowing unauthenticated attackers to gain administrative control. Users advised to update to version 2023.11.3 or use a security patch plugin. Vulnerability affects versions from 2017.1 to 2023.11.2. No known exploits, but caution urged due to past similar incidents.
Key takeaways from the meeting notes on JetBrains TeamCity On-Premises software security:
1. JetBrains has identified a critical security flaw, tracked as CVE-2024-23917, in its TeamCity On-Premises software, which has a severity rating of 9.8 out of 10.
2. The vulnerability allows unauthenticated attackers with HTTP(S) access to bypass authentication checks and gain administrative control of the TeamCity server. It affects versions from 2017.1 through 2023.11.2 and has been addressed in version 2023.11.3.
3. Users are advised to update their servers to version 2023.11.3 or alternatively download a security patch plugin to apply fixes for the flaw.
4. JetBrains recommends temporarily making servers inaccessible if unable to apply mitigation steps immediately, especially if they are publicly accessible over the internet.
5. While there is no evidence of abuse in the wild, a similar flaw in a previous version of the same product was actively exploited by threat actors, including ransomware gangs and state-sponsored groups, after public disclosure.
This is a critical security update, and users are strongly advised to take immediate action to protect their TeamCity On-Premises software from potential exploitation.