overview

A critical vulnerability was found in Jet Brains’ TeamCity On-Premises servers. This vulnerability, tracked as CVE-2024-23917, allows an unauthenticated attacker with HTTP(S) access to bypass authentication checks and potentially gain administrative control of the server.  

CVE-2024-23917 impacts all versions of TeamCity On-Premises from 2017.1 through 2023.11.2 and can be exploited in remote code execution attacks without user interaction.  

JetBrains’ advisory states that all TeamCity Cloud servers have been patched and there is no evidence of the servers being under attack. However, they have not addressed whether or not CVE-2024-23917 has been targeted by attackers in the wild to hijack Internet-exposed TeamCity On-Premises servers. The issue has been addressed in Team City On-Premises version 2023.11.3. JetBrains has already notified customers.  

 

 

avertium's recommendationS

  • Avertium recommends that all users patch CVE-2024-23917 as soon as possible. You may find patch guidance in the JetBrains advisory 
  • JetBrains’ advisory states that users who are unable to update servers to version 2023.11.3, can still patch their environments with a security patch plugin.  The plugin can be downloaded using the link below and installed on TeamCity versions 2017.1 through 2023.11.2. It will patch the vulnerability described above. 



 

INDICATORS OF COMPROMISE (IoCs)

At this time, there are no known IoCs associated with CVE-2024-23917. Avertium remains vigilant in locating IoCs for our customers. Should any be located, Avertium will disclose them as soon as possible. For more information on how Avertium can help protect your organization, please reach out to your Avertium Service Delivery Manager or Account Executive.   

 

 

How Avertium is Protecting Our CUSTOMERS

  • Fusion MXDR is the first MDR offering that fuse together all aspects of security operations into a living, breathing, threat-resistant XDR solution. By fusing insights from threat intelligence, security assessments, and vulnerability management into our MDR approach, Fusion MXDR offers a more informed, robust, and cost-effective approach to cybersecurity – one that is greater than the sum of its parts. 
  • Expanding endpoints, cloud computing environments, and accelerated digital transformation have decimated the perimeter in an ever-expanding attack surface. Avertium offers Attack Surface Management, so you’ll have no more blind spots, weak links, or fire drills. See every threat in your attack surface, every device, every entry point, and every vulnerability. Our Attack Surface Management services include:  
    • Risk Assessments 
    • Pen Testing and Social Engineering  
    • Infrastructure Architecture and Integration  
    • Zero Trust Network Architecture 
    • Vulnerability Management 
  • We highly value your feedback. Kindly spare a moment to complete our feedback form, allowing us to enhance our services for our valued customers. 





 

SUPPORTING DOCUMENTATION

Critical Security Issue Affecting TeamCity On-Premises (CVE-2024-23917) – Update to 2023.11.3 Now | The TeamCity Blog (jetbrains.com) 

JetBrains warns of new TeamCity auth bypass vulnerability (bleepingcomputer.com) 

 
Chat With One of Our Experts



Flash Notice Security Flaws Critical Vulnerability TeamCity Vulnerability Blog