
Serious Vulnerabilities in JetBrains TeamCity On-Premises Could Result in Server Hijacking

A pair of new security vulnerabilities has been revealed in JetBrains TeamCity On-Premises software that could be exploited by malicious actors to gain control of affected systems.

The vulnerabilities, identified as CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score: 7.3), have been fixed in version 2023.11.4. They impact all TeamCity On-Premises versions up to 2023.11.3.

According to an advisory released by JetBrains on Monday, “The vulnerabilities may allow an unauthenticated attacker with HTTP(S) access to a TeamCity server to circumvent authentication checks and achieve administrative control of that TeamCity server.”

TeamCity Cloud instances have already been updated to address these vulnerabilities. Rapid7, the cybersecurity firm that discovered and reported the issues on February 20, 2024, described CVE-2024-27198 as an authentication bypass flaw that could lead to complete compromise of a vulnerable server by a remote unauthenticated attacker.

Rapid7 also highlighted that compromising a TeamCity server provides the attacker with complete control over projects, builds, agents, and artifacts, making it a potential target for supply chain attacks.

CVE-2024-27199, another authentication bypass vulnerability, allows unauthorized attackers to replace the HTTPS certificate in a vulnerable TeamCity server with a certificate of their choice and modify the HTTPS service’s port number via the “/app/https/settings/uploadCertificate” endpoint.

This vulnerability could be exploited for denial-of-service attacks by changing the HTTPS port number or uploading an invalid certificate. Alternatively, the uploaded certificate could facilitate man-in-the-middle attacks if trusted by clients.
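Defenders can review access logs for requests to the certificate-upload endpoint named above. The following Python sketch is an added example, not code from JetBrains, Rapid7 or the original article; it assumes Combined Log Format logs written by a reverse proxy in front of TeamCity, and the sample lines and helper names (`normalize_path`, `find_hits`, `summarize`) are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Endpoint named in the article for CVE-2024-27199 (compared lower-cased).
SENSITIVE_PATH = "/app/https/settings/uploadcertificate"

# Assumption: Combined Log Format written by a reverse proxy in front of TeamCity.
LOG_RE = re.compile(
    r'(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [05/Mar/2024:10:12:01 +0000] "GET /login.html HTTP/1.1" 200 1532 "-" "Mozilla/5.0"',
    '203.0.113.24 - - [05/Mar/2024:10:14:40 +0000] "POST /app/https/settings/uploadCertificate HTTP/1.1" 200 87 "-" "curl/8.4.0"',
    '203.0.113.24 - - [05/Mar/2024:10:14:52 +0000] "POST /app/https/settings/%75ploadCertificate?x=1 HTTP/1.1" 403 0 "-" "curl/8.4.0"',
    '192.0.2.77 - - [05/Mar/2024:10:20:00 +0000] "GET /teamcity//app/https/settings/uploadCertificate/ HTTP/1.1" 302 0 "-" "-"',
    '192.0.2.10 - - [05/Mar/2024:10:21:13 +0000] "GET /app/rest/builds HTTP/1.1" 401 0 "-" "-"',
]

def normalize_path(target):
    """Drop the query string, percent-decode, collapse slashes, lower-case."""
    path = unquote(target.split("?", 1)[0])
    return re.sub(r"/{2,}", "/", path).rstrip("/").lower()

def find_hits(lines):
    """Return one record per request whose normalized path ends with the endpoint."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        # endswith() also covers a server deployed under a context path.
        if m and normalize_path(m["target"]).endswith(SENSITIVE_PATH):
            hits.append({"client": m["client"], "time": m["time"],
                         "method": m["method"], "status": int(m["status"])})
    return hits

def summarize(hits):
    """Group response codes by client so repeated attempts stand out."""
    by_client = defaultdict(list)
    for hit in hits:
        by_client[hit["client"]].append(hit["status"])
    return dict(by_client)

if __name__ == "__main__":
    for client, statuses in summarize(find_hits(SAMPLE_LOG)).items():
        print(f"{client}: {len(statuses)} request(s), statuses {statuses}")
```

Any hit from a client that is not a known TeamCity administrator warrants checking the server's current HTTPS certificate and port against the expected values.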

Rapid7 emphasized that the authentication bypass flaw enables access to a limited number of authenticated endpoints without proper authentication, allowing attackers to modify system settings and access some sensitive information from the server.

Following the recent release of patches for another critical flaw (CVE-2024-23917, CVSS score: 9.8) in JetBrains TeamCity, users are advised to update their servers promptly to prevent potential exploitation by threat actors.

Given the history of active exploitation of JetBrains TeamCity vulnerabilities by threat actors from North Korea and Russia, users should prioritize updating their servers.


