JetBrains Patches Critical Authentication Bypass in TeamCity

JetBrains releases patches for a critical-severity TeamCity authentication bypass leading to remote code execution.

JetBrains on Tuesday warned that a critical authentication bypass in the popular build management server TeamCity could be exploited remotely for arbitrary code execution.

Tracked as CVE-2024-23917 (CVSS score of 9.8), the flaw was discovered on January 19, 2024, and impacts all TeamCity On-Premises versions from 2017.1 through 2023.11.2.

“If abused, the flaw may enable an unauthenticated attacker with HTTP(S) access to a TeamCity server to bypass authentication checks and gain administrative control of that TeamCity server,” JetBrains explains.

The issue was addressed with the release of TeamCity On-Premises version 2023.11.3. JetBrains has already patched TeamCity Cloud servers and says that it has not observed in-the-wild exploitation of the bug.

“We strongly advise all TeamCity On-Premises users to update their servers to 2023.11.3 to eliminate the vulnerability,” the software development company notes.

JetBrains also released a security patch plugin for users who cannot update their servers, which can be installed on all affected TeamCity versions. The plugin, however, only addresses this vulnerability and does not include other security updates.

TeamCity servers that are publicly accessible but which cannot be updated or patched should be removed from the internet immediately and should remain so until mitigations have been applied, the software developer notes.

Given that the security patch plugin is compatible with every TeamCity version starting with 2017.1, JetBrains is not considering backporting the fix to older release branches for now.
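A defender's triage helper for the guidance above, added here as an example and not JetBrains' own tooling: it parses TeamCity version strings, checks them against the affected range the advisory gives (2017.1 through 2023.11.2, fixed in 2023.11.3), and maps each server to update, plugin, or isolation. Hostnames, versions and build numbers in the sample inventory are constructed.

```python
"""Classify TeamCity On-Premises servers against CVE-2024-23917.
Affected per the advisory: 2017.1 through 2023.11.2; fixed in 2023.11.3.
Hostnames and versions in SAMPLE_INVENTORY are constructed, not real hosts."""

FIRST_AFFECTED = "2017.1"
FIXED_IN = "2023.11.3"

def parse_version(text: str) -> tuple[int, ...]:
    """'2023.11.2 (build 147512)' -> (2023, 11, 2); build metadata is dropped."""
    core = text.strip().split()[0]
    return tuple(int(part) for part in core.split("."))

def compare(a: tuple[int, ...], b: tuple[int, ...]) -> int:
    """Compare with zero padding so that 2017.1 and 2017.1.0 are equal."""
    width = max(len(a), len(b))
    a, b = a + (0,) * (width - len(a)), b + (0,) * (width - len(b))
    return (a > b) - (a < b)

def is_affected(version: str) -> bool:
    """True when FIRST_AFFECTED <= version < FIXED_IN (the range JetBrains listed)."""
    v = parse_version(version)
    return (compare(v, parse_version(FIRST_AFFECTED)) >= 0
            and compare(v, parse_version(FIXED_IN)) < 0)

def triage(version: str, internet_exposed: bool, can_update: bool,
           plugin_installed: bool) -> str:
    """Map one server to the action the advisory prescribes."""
    if not is_affected(version):
        return "not affected"
    if plugin_installed:
        # The plugin fixes only this CVE; the full upgrade is still outstanding.
        return "plugin applied; schedule upgrade to 2023.11.3"
    if can_update:
        return "update to 2023.11.3"
    if internet_exposed:
        return "remove from internet until patched; install security patch plugin"
    return "install security patch plugin"

# Constructed sample inventory: (host, version, internet_exposed, can_update, plugin_installed)
SAMPLE_INVENTORY = [
    ("ci-prod.example.internal", "2023.11.2", True, False, False),
    ("ci-legacy.example.internal", "2019.2.4 (build 71923)", False, False, True),
    ("ci-new.example.internal", "2023.11.3", True, True, False),
]

def triage_inventory(inventory=SAMPLE_INVENTORY) -> dict[str, str]:
    return {host: triage(*rest) for host, *rest in inventory}

if __name__ == "__main__":
    for host, action in triage_inventory().items():
        print(f"{host}: {action}")
```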

TeamCity is a general-purpose continuous integration and continuous delivery (CI/CD) platform for DevOps teams. TeamCity is the third most popular CI/CD solution today, with a market share of roughly 6%.

Related: PoC Exploit Published for Critical Jenkins Vulnerability

Related: North Korean Hackers Exploiting Recent TeamCity Vulnerability

Related: In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover

Written By

Ionut Arghire is an international correspondent for SecurityWeek.