Skip to the content.

DIVD-2023-00036 - Authentication Bypass in JetBrains TeamCity

Our reference DIVD-2023-00036
Case lead Max van der Horst
Researcher(s)
CVE(s)
Products
  • JetBrains TeamCity
Versions
  • All versions prior to 2023.05.4
Recommendation Upgrade by installing the issued patch as soon as possible or apply the provided security patch plugin
Patch status patches available
Workaround Install the JetBrains-provided security patch plugin
Status Closed
Last modified 18 Dec 2023 08:51 CET

Summary

A critical security issue was recently identified in TeamCity On-Premises. If abused, the flaw may enable an unauthenticated attacker with HTTP(S) access to a TeamCity server to perform a remote code execution (RCE) attack and gain administrative control of the TeamCity server.

Recommendations

JetBrains advises On-Prem users to upgrade to the patch as soon as possible or install the security patch plugin. See the references for the download links.

What we are doing

DIVD is scanning for vulnerable systems. Owners of such systems will receive a notification with this casefile and remediation steps.

Timeline

Date Description
20 Sep 2023 DIVD starts researching this vulnerability.
21 Sep 2023 DIVD starts scanning for this vulnerability.
27 Sep 2023 First version of this casefile.
02 Oct 2023 DIVD identified vulnerable devices
02 Oct 2023 DIVD started notifying stakeholders
06 Dec 2023 Second round of notifications sent
16 Dec 2023 Case closed.
gantt title DIVD-2023-00036 - Authentication Bypass in JetBrains TeamCity dateFormat YYYY-MM-DD axisFormat %e %b %Y section Case DIVD-2023-00036 - Authentication Bypass in JetBrains TeamCity (87 days) :2023-09-20, 2023-12-16 section Events DIVD starts researching this vulnerability. : milestone, 2023-09-20, 0d DIVD starts scanning for this vulnerability. : milestone, 2023-09-21, 0d First version of this casefile. : milestone, 2023-09-27, 0d DIVD identified vulnerable devices : milestone, 2023-10-02, 0d DIVD started notifying stakeholders : milestone, 2023-10-02, 0d Second round of notifications sent : milestone, 2023-12-06, 0d Case closed. : milestone, 2023-12-16, 0d

More information