all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

JetBrains TeamCity Unauthenticated Remote Code Execution

Add to bookmarks
Sept. 29, 2023, 2:45 p.m. |

Packet Storm packetstormsecurity.com

This Metasploit module exploits an authentication bypass vulnerability to achieve unauthenticated remote code execution against a vulnerable JetBrains TeamCity server. All versions of TeamCity prior to version 2023.05.4 are vulnerable to this issue. The vulnerability was originally discovered by SonarSource.

authentication authentication bypass bypass bypass vulnerability code code execution exploits issue jetbrains jetbrains teamcity metasploit remote code remote code execution server sonarsource teamcity unauthenticated version vulnerability vulnerable

Visit resource

More from packetstormsecurity.com / Packet Storm

AIDE 0.18.7 1 day ago | packetstormsecurity.com
advanced aide algorithms can +17
Systemd Insecure PTY Handling 1 day ago | packetstormsecurity.com
changing handling high insecure +5
Microsoft PlayReady Toolkit 1 day ago | packetstormsecurity.com
access acquisition client code +19
Docker Privileged Container Kernel Escape 1 day ago | packetstormsecurity.com
can container container escape daemon +9
Gentoo Linux Security Advisory 202405-16 1 day ago | packetstormsecurity.com
advisory apache apache commons can +11
Gentoo Linux Security Advisory 202405-15 1 day ago | packetstormsecurity.com
advisory can code code execution +12
Gentoo Linux Security Advisory 202405-14 1 day ago | packetstormsecurity.com
advisory code code execution gentoo +7
Gentoo Linux Security Advisory 202405-13 1 day ago | packetstormsecurity.com
advisory can gentoo injection +6
Gentoo Linux Security Advisory 202405-12 1 day ago | packetstormsecurity.com
advisory arbitrary code arbitrary code execution can +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information System Security Officer (ISSO)

@ LinQuest | Boulder, Colorado, United States
View on infosec-jobs.com

Project Manager - Security Engineering

@ MongoDB | New York City
View on infosec-jobs.com

Security Continuous Improvement Program Manager (m/f/d)

@ METRO/MAKRO | Düsseldorf, Germany
View on infosec-jobs.com

Senior JavaScript Security Engineer, Tools

@ MongoDB | New York City
View on infosec-jobs.com

Principal Platform Security Architect

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Staff Cyber Security Engineer (Emerging Platforms)

@ NBCUniversal | Englewood Cliffs, NEW JERSEY, United States
View on infosec-jobs.com
View more jobs