JetBrains TeamCity Authentication Bypass Flaw, Paving the Way for Server Takeover

Summary:

JetBrains addressed a critical security flaw in its TeamCity On-Premises product. The vulnerability identified as CVE-2024-23917, could potentially allow an unauthorized attacker with HTTP(S) access to a TeamCity server to circumvent authentication mechanisms and acquire administrative privileges over the affected server.

Threat Level – Red | Vulnerability Report

For a detailed threat advisory, download the pdf file here

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.