JetBrains TeamCity, a popular integration and deployment tool, is vulnerable to an authentication bypass flaw. CVE-2023-42793 affects on-premise instances of the TeamCity CI/CD servers. Successful exploitation of the vulnerability may lead to remote code execution. The vulnerability has been given a critical severity rating with a CVSS score of 9.8.
TeamCity is a general-purpose CI/CD software platform that enables customizable workflows, teamwork, and development methodologies. The tool helps in continuous integration, delivery, and deployment within the DevOps process.
An attacker must have HTTP(S) access to a TeamCity server to exploit the vulnerability. Successful exploitation of the vulnerability may allow a remote attacker to bypass authentication, execute arbitrary code, and gain administrative access to vulnerable TeamCity servers. Details regarding the exploit are limited, but a proof of concept exploit is expected to drop soon.
Affected Versions
The vulnerability affects all TeamCity versions prior to 2023.05.4.
Mitigation
Customers are advised to upgrade to TeamCity version 2023.05.4 or later to patch the vulnerability.
JetBrains has released a security patch plugin for customers unable to upgrade to the patched version.
Security patch plugins can be downloaded from the following URLs:
Please refer to the JetBrains TeamCity Security Advisory for more information.
Qualys Detection
Qualys customers can scan their devices with QID 378885 to detect vulnerable assets.
Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.