JetBrains has released an urgent security alert for its TeamCity On-Premises software, cautioning users about a vulnerability that could potentially provide attackers with administrative control of affected servers.
The identified flaw, known as CVE-2024-23917, has been assigned a CVSS rating of 9.8, posing a significant risk to all versions of the software released from 2017.1 to 2023.11.2.
Jeff Williams, co-founder and CTO at Contrast Security, highlighted the growing focus of attackers on exploiting authentication and authorization systems to gain administrative access. He referenced a recent similar issue with GoAnywhere MFT, where an unsecured account setup page allowed unauthenticated attackers to gain administrative access.
In response to the security vulnerability, TeamCity Cloud servers have already been patched. However, users of the On-Premises version are strongly advised to update to version 2023.11.3 without delay. For older versions, a security patch plugin is available to mitigate the vulnerability. JetBrains emphasized the importance of taking swift action to protect systems from potential exploitation.
The company further stressed that while the security patch plugin addresses the specific vulnerability, it is always recommended to upgrade to the latest version to benefit from additional security updates, as outlined in their official blog post.
Despite no evidence of active exploitation of the vulnerability, a previous flaw in the same product (CVE-2023-42793) was subjected to active exploitation shortly after its public disclosure last year.
Security expert Brian Contos, CSO at Sevco Security, underscored the significance of promptly patching vulnerable TeamCity servers, given their history of being targeted by malicious actors. He also referenced a recent study from Sevco Security, revealing that a significant percentage of IT assets lack coverage from enterprise patch management and vulnerability management systems.
Contos highlighted the need for organizations to not only address immediate patching but also adopt a more sustainable approach to vulnerability management, which begins with an accurate IT asset inventory.
In conclusion, the urgency of addressing the critical vulnerability in TeamCity On-Premises software cannot be overstated. Prompt action, including updating to the latest version and implementing security patches, is vital to protect affected systems from potential exploitation by malicious actors. Furthermore, the importance of comprehensive vulnerability management, including accurate IT asset inventories and patching coverage, cannot be understated in the face of evolving cybersecurity threats.