Skip to main content

Critical Security Update Released for JetBrains TeamCity On-Premises

The vulnerability could allow an unauthenticated attacker to gain administrative control of a TeamCity server

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

The vulnerability could allow an unauthenticated attacker to gain administrative control of a TeamCity server


Affected platforms

The following platforms are known to be affected:

Threat details

Introduction

JetBrains has released a security update addressing a critical vulnerability, CVE-2024-23917, affecting TeamCity On-Premises.

The authentication bypass vulnerability has a CVSSv3 score 9.8 and could allow an unauthenticated attacker with HTTP(S) access to a TeamCity server to gain administrative control of that TeamCity server. 


Remediation advice

Affected organisations are strongly encouraged to review the JetBrains security advisory and apply any relevant updates.



Last edited: 7 February 2024 3:14 pm