QID 378885

Date Published: 2023-09-26

QID 378885: JetBrains TeamCity Authentication Bypass Vulnerability

JetBrains TeamCity Server is a Java-based build management and continuous integration server from JetBrains.

In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible

Affected Versions :
TeamCity prior to 2023.05.4

QID Detection Logic(Authenticated and Unauthenticated)
This qid sends GET request to login.html and checks for version for remote check. And check registry key HKLM\SOFTWARE\JetBrains\TeamCity\Server on Windows systems for Auh check.

On successful exploitation it allows possible Remote Code Execution.

CVSS V3 rated as Critical - 9.8 severity.

CVSS V2 rated as High - 7.5 severity.

Solution

Update to the latest version of JetBrains TeamCity.

Vendor References

TeamCity - www.jetbrains.com/privacy-security/issues-fixed/

CVEs related to QID 378885

CVE-2023-42793 |

Software Advisories

Advisory ID	Software	Component	Link
TeamCity			www.jetbrains.com/privacy-security/issues-fixed/

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].