JetBrains Urges Prompt Patching of Latest Critical TeamCity Vulnerability
cretakorslet
JetBrains is advising all TeamCity (on-premises) users to swiftly upgrade to the most recent version in response to the disclosure of a critical vulnerability in the CI/CD tool.
Identified as CVE-2024-23917, the vulnerability has been assigned a provisional CVSS score of 9.8 and enables unauthenticated remote attackers to seize control of vulnerable servers with admin privileges.
Daniel Gallo, a solutions engineer at JetBrains, stated in an advisory, "This issue affects all versions from 2017.1 through 2023.11.2. The problem has been addressed in version 2023.11.3. We strongly recommend upgrading as soon as possible."
The vulnerability necessitates attention solely for administrators of on-premises servers, as TeamCity Cloud has already been patched. JetBrains also confirmed that no attacks had been observed against TeamCity Cloud but did not provide similar assurances about the on-premises product.
Patching can be performed by downloading the latest version, utilizing the automatic update feature within TeamCity, or using the security patch plugin, which specifically addresses CVE-2024-23917.
https://www.taskade.com/p/mobile-suit-gundam-seed-freedom-full-hd-01HP1J7RQ0KB0W4K23KZD2FC90
https://www.taskade.com/p/2024-01HP1JCF4021J5FSWXN3P34WA3
https://www.taskade.com/p/hd-2024-mobile-suit-gundam-seed-freedom-thai-sub-01HP1JG8NYD5KRZVZCY4T01KFC
https://www.taskade.com/p/silent-love-full-hd-01HP1JXP7JKQXWWKJ0D7B16KHS
https://www.taskade.com/p/2024-01HP1KE7JQ2GN8S3YQX20ZG825
https://www.taskade.com/p/hd-2024-silent-love-thai-sub-01HP1KG69EC4GRCESNV7FQAG0T
https://www.taskade.com/p/madame-web-full-hd-01HP1KRESPGA4RTRYS6N8MNPFV
https://www.taskade.com/p/2024-01HP1KVZQ52JZX7V082J55DK7V
https://www.taskade.com/p/hd-2024-madame-web-thai-sub-01HP1KYA8H3WXXY7ZBR2T7HFHT