JetBrains TeamCity Authentication Bypass Flaw, Paving the Way for Server Takeover
JetBrains TeamCity Authentication Bypass Flaw, Paving the Way for Server Takeover
Summary:
JetBrains addressed a critical security flaw in its TeamCity On-Premises product. The vulnerability identified as CVE-2024-23917, could potentially allow an unauthorized attacker with HTTP(S) access to a TeamCity server to circumvent authentication mechanisms and acquire administrative privileges over the affected server.
Threat Level – Red | Vulnerability Report
For a detailed threat advisory, download the pdf file here
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.