Lucene search

CVE-2023-42793

🗓️ 19 Sep 2023 17:08:15Reported by JetBrainsType

cve🔗 web.nvd.nist.gov📰️ 36 Media mentions👁 2847 Views🌐 WEB

JetBrains TeamCity authentication bypass leading to RC

Reporter	Title	Published	Views	Family All 56
Microsoft Secure	Diamond Sleet supply chain compromise distributes a modified CyberLink installer	22 Nov 202317:00	–	mssecure
The Hacker News	Russian SVR-Linked APT29 Targets JetBrains TeamCity Servers in Ongoing Attacks	14 Dec 202310:32	–	thn
The Hacker News	N. Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack	23 Nov 202305:46	–	thn
The Hacker News	Microsoft Warns of North Korean Attacks Exploiting JetBrains TeamCity Flaw	19 Oct 202307:11	–	thn
The Hacker News	North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures	25 Apr 202416:47	–	thn
The Hacker News	CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance	11 Oct 202408:34	–	thn
The Hacker News	Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover - Patch Now	7 Feb 202405:05	–	thn
The Hacker News	Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers	26 Sep 202305:00	–	thn
The Hacker News	Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans	11 Dec 202313:00	–	thn
The Hacker News	BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks	11 Mar 202409:53	–	thn

Nvd

Node

jetbrains teamcityRange<2023.05.4

[
  {
    "vendor": "JetBrains",
    "product": "TeamCity",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThan": "2023.05.4",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
jetbrains	www.jetbrains.com/privacy-security/issues-fixed/
blog	www.blog.jetbrains.com/teamcity/2023/09/cve-2023-42793-vulnerability-post-mortem/
securityweek	www.securityweek.com/recently-patched-teamcity-vulnerability-exploited-to-hack-servers/
packetstormsecurity	www.packetstormsecurity.com/files/174860/JetBrains-TeamCity-Unauthenticated-Remote-Code-Execution.html
sonarsource	www.sonarsource.com/blog/teamcity-vulnerability/
rapid7	www.rapid7.com/blog/post/2023/09/25/etr-cve-2023-42793-critical-authentication-bypass-in-jetbrains-teamcity-ci-cd-servers/
attackerkb	www.attackerkb.com/topics/1XEEEkGHzt/cve-2023-42793

Parameter	Position	Path	Description	CWE
username	path	/app/rest/users	Endpoint to create a new user, which can be exploited to create an admin account.	CWE-288, CWE-306
password	path	/app/rest/users	Endpoint to create a new user, which can be exploited to create an admin account.	CWE-288, CWE-306
email	path	/app/rest/users	Endpoint to create a new user, which can be exploited to create an admin account.	CWE-288, CWE-306
roles	path	/app/rest/users	Endpoint to create a new user, which can be exploited to create an admin account.	CWE-288, CWE-306

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

19 Sep 2023 17:15Current

9.6High risk

Vulners AI Score9.6

CVSS39.8

EPSS0.97476

cve-2023-42793 jetbrains teamcity authentication bypass rce nvd