Detections
Analytics

CVE-2023-42793

critical

Description

In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible

References

https://www.securityweek.com/citrix-cisco-fortinet-zero-days-among-2023s-most-exploited-vulnerabilities/

https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-317a

https://securityaffairs.com/169708/apt/apt29-target-zimbra-and-jetbrains-teamcity.html

https://www.theregister.com/2024/10/12/russia_is_targeting_you_for/

https://thehackernews.com/2024/10/cisa-warns-of-threat-actors-exploiting.html

https://www.ic3.gov/Media/News/2024/241010.pdf

https://www.bleepingcomputer.com/news/security/us-uk-warn-of-russian-apt29-hackers-targeting-zimbra-teamcity-servers/

https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-207a

https://www.cert.ssi.gouv.fr/uploads/CERTFR-2024-CTI-006.pdf

https://www.darkreading.com/cyberattacks-data-breaches/asian-threat-actors-use-new-techniques-to-attack-familiar-targets

https://services.google.com/fh/files/misc/m-trends-2024.pdf

https://thehackernews.com/2024/03/bianlian-threat-actors-exploiting.html

https://www.guidepointsecurity.com/blog/bianlian-gos-for-powershell-after-teamcity-exploitation/

https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive

https://www.tenable.com/blog/cve-2024-27198-cve-2024-27199-two-authentication-bypass-vulnerabilities-in-jetbrains-teamcity

https://www.fortinet.com/blog/threat-research/teamcity-intrusion-saga-apt29-suspected-exploiting-cve-2023-42793

https://thehackernews.com/2023/12/russian-svr-linked-apt29-targets.html

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-347a

https://www.microsoft.com/en-us/security/blog/2023/10/18/multiple-north-korean-threat-actors-exploiting-the-teamcity-cve-2023-42793-vulnerability/

https://www.bleepingcomputer.com/news/security/ransomware-gangs-now-exploiting-critical-teamcity-rce-flaw/

https://www.securityweek.com/recently-patched-teamcity-vulnerability-exploited-to-hack-servers/

https://www.jetbrains.com/privacy-security/issues-fixed/

https://blog.jetbrains.com/teamcity/2023/09/cve-2023-42793-vulnerability-post-mortem/

https://attackerkb.com/topics/1XEEEkGHzt/cve-2023-42793

http://packetstormsecurity.com/files/174860/JetBrains-TeamCity-Unauthenticated-Remote-Code-Execution.html

Details

Source: Mitre, NVD

Published: 2023-09-19

Updated: 2023-10-03

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical