DIVD-2023-00036 - Authentication Bypass in JetBrains TeamCity
Our reference | DIVD-2023-00036 |
Case lead | Max van der Horst |
Researcher(s) | |
CVE(s) | |
Products | |
Versions | |
Recommendation | Upgrade by installing the issued patch as soon as possible or apply the provided security patch plugin |
Patch status | patches available |
Workaround | Install the JetBrains-provided security patch plugin |
Status | Closed |
Last modified | 18 Dec 2023 08:51 CET |
Summary
A critical security issue was recently identified in TeamCity On-Premises. If exploited, the flaw may allow an unauthenticated attacker with HTTP(S) access to a TeamCity server to achieve remote code execution (RCE) and gain administrative control of the TeamCity server.
Recommendations
JetBrains advises On-Premises users to upgrade to the patched release as soon as possible or to install the security patch plugin. See the references for the download links.
What we are doing
DIVD is scanning for vulnerable systems. Owners of such systems will receive a notification with this casefile and remediation steps.
Timeline
Date | Description |
---|---|
20 Sep 2023 | DIVD starts researching this vulnerability. |
21 Sep 2023 | DIVD starts scanning for this vulnerability. |
27 Sep 2023 | First version of this casefile. |
02 Oct 2023 | DIVD identified vulnerable devices. |
02 Oct 2023 | DIVD started notifying stakeholders. |
06 Dec 2023 | Second round of notifications sent. |
16 Dec 2023 | Case closed. |