CVE-2023-42793

critical

Description

In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible

References

https://www.cert.ssi.gouv.fr/uploads/CERTFR-2024-CTI-006.pdf

https://medium.com/@aslam.mahimkar/runner-hackthebox-walkthrough-103250a9acd3?source=rss------hacking-5

https://www.reliaquest.com/blog/russia-linked-threats-to-operational-technology/?web_view=true

https://www.darkreading.com/cyberattacks-data-breaches/asian-threat-actors-use-new-techniques-to-attack-familiar-targets

https://medium.com/@mxnty/hackthebox-runner-medium-by-mxnty-103e3f9094d9?source=rss------hacking-5

https://thehackernews.com/2024/04/north-koreas-lazarus-group-deploys-new.html?&web_view=true

https://services.google.com/fh/files/misc/m-trends-2024.pdf

https://securityaffairs.com/160357/hacking/bianlian-group-ttack-jetbrains-teamcity.html?web_view=true

https://securityaffairs.com/160357/hacking/bianlian-group-ttack-jetbrains-teamcity.html

https://thehackernews.com/2024/03/bianlian-threat-actors-exploiting.html

https://www.guidepointsecurity.com/blog/bianlian-gos-for-powershell-after-teamcity-exploitation/

https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive

https://www.tenable.com/blog/cve-2024-27198-cve-2024-27199-two-authentication-bypass-vulnerabilities-in-jetbrains-teamcity

https://securityaffairs.com/158790/hacking/jetbrains-teamcity-on-premises-bug.html

https://www.theregister.com/2024/02/07/jetbrains_teamcity_critical_vuln/

https://www.bleepingcomputer.com/news/security/jetbrains-warns-of-new-teamcity-auth-bypass-vulnerability/?&web_view=true

https://www.fortinet.com/blog/threat-research/teamcity-intrusion-saga-apt29-suspected-exploiting-cve-2023-42793

https://thehackernews.com/2023/12/russian-svr-linked-apt29-targets.html

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-347a

https://www.microsoft.com/en-us/security/blog/2023/10/18/multiple-north-korean-threat-actors-exploiting-the-teamcity-cve-2023-42793-vulnerability/

https://www.bleepingcomputer.com/news/security/ransomware-gangs-now-exploiting-critical-teamcity-rce-flaw/

https://blog.detectify.com/product-updates/recently-added-crowdsource-vulnerabilities-september-2023/

https://www.securityweek.com/recently-patched-teamcity-vulnerability-exploited-to-hack-servers/

https://www.rapid7.com/blog/post/2023/09/25/etr-cve-2023-42793-critical-authentication-bypass-in-jetbrains-teamcity-ci-cd-servers/

https://www.jetbrains.com/privacy-security/issues-fixed/

https://blog.jetbrains.com/teamcity/2023/09/cve-2023-42793-vulnerability-post-mortem/

https://attackerkb.com/topics/1XEEEkGHzt/cve-2023-42793

Details

Source: Mitre, NVD

Published: 2023-09-19

Updated: 2023-10-03

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical