Feb. 7, 2024, 10:29 a.m. | Helga Labus

Help Net Security www.helpnetsecurity.com

JetBrains has patched a critical authentication bypass vulnerability (CVE-2024-23917) affecting TeamCity On-Premises continuous integration and deployment servers. About CVE-2024-23917 CVE-2024-23917 could allow an unauthenticated threat actor with HTTP(S) access to a TeamCity server to bypass authentication controls and gain administrative privileges on the server. The vulnerability was first identified and reported by an external security researcher on January 19, 2024, and affects all versions of TeamCity On-Premises from 2017.1 through 2023.11.2. “We have fixed this … More →

The post …

access actor administrative privileges auth authentication authentication bypass bypass bypass vulnerability continuous continuous integration controls critical cve deployment don't miss hot stuff http integration jetbrains jetbrains teamcity privileges security update server servers teamcity threat threat actor unauthenticated vulnerability vulnerable

Information Technology Specialist I, LACERA: Information Security Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA

Issues Management & Risk Treatment Sr. Consultant

@ Northern Trust | Tempe, AZ Building 2190

Dir. DDIT ISC Enterprise Architecture AppSec

@ Novartis | Hyderabad (Office)

System Access Management Manager

@ Ingram Micro | CA - Irvine, HQ

Oracle Linux Systems Administrator

@ Leidos | 1662 Intelligence Community Campus - Bethesda MD

Senior Systems Engineer - AWS

@ CACI International Inc | 999 REMOTE