AttackerKB AKB:D682F60F-4477-44E8-9297-508D1E4A93A7
History: Sep 27, 2023 - 12:00 a.m.

CVE-2023-42793

2023-09-27 00:00:00
attackerkb.com
jetbrains teamcity
authentication bypass
rce
server
vulnerability
exploitability
supply chain attack

CVSS2: 7.5 High

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS: 0.972 High
Percentile: 99.8%

In JetBrains TeamCity before 2023.05.4, an authentication bypass leading to RCE on TeamCity Server was possible.

Recent assessments:

sfewer-r7 at September 27, 2023 1:47pm UTC reported:

Based on the accompanying Rapid7 Analysis, the attacker value for CVE-2023-42793 is very high given the target product is a CI/CD server, and as such may contain sensitive information such as source code or signing keys, in addition to being a vector for conducting a supply chain attack. The exploitability for this vulnerability is also very high, as the product is vulnerable in a default configuration and an attacker can trivially exploit it with a sequence of cURL commands.

Assessed Attacker Value: 5