CVE-2024-27198 (Exploit Available)

JetBrains TeamCity Authentication Bypass (Cascade Exploitation)

Vendor: JetBrains | CWE-288 | Tags: Authentication Bypass, CI/CD, Supply Chain, Admin Takeover
CVSS Base Score: 9.8 (Critical)

Vulnerability Description

A critical authentication bypass in the JetBrains TeamCity CI/CD server allows remote, unauthenticated attackers to create administrator accounts and fully take over the server. The flaw was rapidly weaponized by nation-state actors for supply chain attacks.

Recommended Mitigation

Update TeamCity to 2023.11.4 immediately. If patching is not immediately possible, apply the JetBrains security plugin. Audit administrator accounts for unauthorized additions.

Affected Products

JetBrains TeamCity

Version constraint: TeamCity On-Premises < 2023.11.4

Quick Facts

Published
2024-03-04
Last Modified
2024-03-08
Vendor
JetBrains
CWE
CWE-288
Exploit
⚠️ Public Exploit Exists

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H