Lucene search

K
nessusThis script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TEAMCITY_CVE-2023-42793.NBIN
HistoryOct 06, 2023 - 12:00 a.m.

TeamCity Server Authenticiation Bypass (CVE-2023-42793)

2023-10-0600:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
38
teamcity server
authentication bypass
cve-2023-42793
scanner

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.972

Percentile

99.9%

In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible.

Binary data teamcity_CVE-2023-42793.nbin

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.972

Percentile

99.9%