TeamCity On-Premises Vulnerabilities Pose Risks to Supply Chains


Two fresh security vulnerabilities have surfaced in JetBrains TeamCity On-Premises, a prevalent CI/CD solution. Designated as CVE-2024-27198 and CVE-2024-27199, these vulnerabilities were first reported to JetBrains in February 2024 and have now been disclosed publicly.

Researchers have published a comprehensive technical analysis of these vulnerabilities, collaborating closely with JetBrains throughout the disclosure process.

They underscore the severity of these vulnerabilities, cautioning that if exploited, they could afford attackers complete control over TeamCity projects, builds, agents, and artifacts. Such extensive access creates opportunities for potential supply chain attacks, presenting considerable risks to impacted systems and organizations.

TeamCity On-Premises Vulnerabilities

The vulnerabilities, both of which allow authentication bypass, are located in the web component of TeamCity and affect all versions of TeamCity On-Premises up to 2023.11.3.

The first vulnerability, CVE-2024-27198, is rated critical with a CVSS score of 9.8. It stems from an alternative path issue and allows a remote unauthenticated attacker to take over the TeamCity server with administrative privileges.

The second vulnerability, CVE-2024-27199, is less severe, with a CVSS score of 7.3, and stems from a path traversal.

CVE-2024-27199 enables limited information disclosure and system modification, alongside unauthorized replacement of an HTTPS certificate on a susceptible TeamCity server. Consequently, it presents a risk of Denial-of-Service (DoS) by enabling manipulation of the HTTPS port number or the upload of an unvalidated certificate.


The technical analysis examines in detail how the vulnerabilities can be exploited, outlining how attackers could create new administrator accounts or generate administrator access tokens to take complete control of the targeted server.

Armed with this technical insight, attackers may seek to exploit unpatched instances of TeamCity On-Premises. Therefore, administrators must promptly apply security updates to mitigate potential risks.

Mitigation

To mitigate the risks, administrators should promptly apply security updates. Upgrading to TeamCity On-Premises version 2023.11.4 resolves CVE-2024-27198 and CVE-2024-27199. Alternatively, a security patch plugin is available for TeamCity versions from 2018.2 onward, as well as for older versions such as TeamCity 2018.1.
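To find which servers still need the update, the version boundary above can be applied to an inventory of reported TeamCity versions. The following is an added example, not code from JetBrains or the researchers; the hostnames, build numbers and function names are constructed placeholders, and it assumes releases after 2023.11.4 also carry the fix.

```python
import re

# Boundary stated in the article: everything up to 2023.11.3 is affected,
# 2023.11.4 carries the fix. Assumption: later releases include it too.
FIXED = (2023, 11, 4)

# Accepts "2023.11.3", "2023.05.4", "2018.1", optionally followed by build text.
_VERSION_RE = re.compile(r"^\s*(\d{4})\.(\d{1,2})(?:\.(\d+))?")


def parse_version(text):
    """Turn a reported version string into a numerically comparable tuple."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised TeamCity version: {text!r}")
    year, minor, patch = m.groups()
    # A missing patch component ("2018.1") compares as patch level 0.
    return (int(year), int(minor), int(patch or 0))


def triage(inventory):
    """Map each host to 'fixed', 'vulnerable' or 'unknown'."""
    result = {}
    for host, reported in inventory.items():
        try:
            version = parse_version(reported)
        except ValueError:
            # No usable version: treat as unpatched until verified by hand.
            result[host] = "unknown"
            continue
        # Tuple comparison avoids the string-compare trap ("2023.5" > "2023.11").
        result[host] = "fixed" if version >= FIXED else "vulnerable"
    return result


# Constructed inventory: hostnames and build numbers are placeholders.
SAMPLE = {
    "ci-a.example.internal": "2023.11.4 (build 00000)",
    "ci-b.example.internal": "2023.11.3 (build 00000)",
    "ci-c.example.internal": "2023.05.4",
    "ci-d.example.internal": "2018.1",
    "ci-e.example.internal": "",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE).items()):
        print(f"{host}\t{status}")
```

The version string alone does not show whether the security patch plugin is installed, so hosts reported as vulnerable still need that checked separately.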


About the Author:

FirstHackersNews- Identifies Security
