On September 20, 2023, JetBrains disclosed CVE-2023-42793, a critical authentication bypass vulnerability in on-premises instances of their TeamCity CI/CD server. Successful exploitation of CVE-2023-42793 allows an unauthenticated attacker with HTTP(S) access to a TeamCity server to perform a remote code execution attack and gain administrative control of the server - making the vulnerability a potential supply chain attack vector.

As of September 25, 2023, Rapid7 is not aware of in-the-wild exploitation of CVE-2023-42793. We still recommend, however, that TeamCity customers upgrade to the fixed version (2023.05.4) immediately, or else apply one of the vulnerability-specific patches outlined in the JetBrains advisory. Customers who are unable to upgrade or apply a targeted fix for CVE-2023-42793 should consider taking the server offline until the vulnerability can be mitigated.

Rapid7 has a full technical analysis of CVE-2023-42793 in AttackerKB. Our team has confirmed the vulnerability is trivially exploitable without authentication.

Affected Products

CVE-2023-42793 affects all on-prem versions of JetBrains TeamCity prior to 2023.05.4. TeamCity Cloud is not affected, and according to JetBrains, TeamCity Cloud servers have already been upgraded to the latest version.

JetBrains notes in their advisory that vulnerability-specific security patch plugins (i.e., hot fixes) are available as a temporary workaround for TeamCity customers who are not able to upgrade to 2023.05.4. For TeamCity 2019.2 and later, the plugin can be enabled without restarting the TeamCity server. For versions older than 2019.2, a server restart is required after the plugin has been installed. The plugins are supported on TeamCity 8.0+ and will mitigate CVE-2023-42793 specifically, but will not address any other security issues or bugs that are included in the full 2023.05.4 upgrade. TeamCity customers should refer to the JetBrains advisory on CVE-2023-42793 for the latest information. Rapid7 strongly recommends upgrading to the fixed version of the software (2023.05.4) as soon as possible rather than relying solely on workarounds.

InsightVM and Nexpose customers can assess their exposure to CVE-2023-42793 with a remote vulnerability check in the September 25 content release.
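The advisory gives three version thresholds a defender has to juggle when triaging an on-prem TeamCity fleet: everything before 2023.05.4 is affected, the interim security patch plugin is only supported on 8.0 and later, and servers older than 2019.2 need a restart after the plugin is installed. The script below is an added example (not Rapid7's, JetBrains' or InsightVM's code) that turns those thresholds into an inventory triage: it parses TeamCity version strings of the form `2023.05.4 (build ...)`, compares them as integer tuples so that `2023.05` sorts after `2019.2` and `7.1`, and assigns each host the remediation path the advisory describes. Hostnames and build numbers in the sample inventory are constructed; the version strings are assumed to come from your own asset inventory.

```python
import re
from dataclasses import dataclass

# Thresholds taken from the advisory text
FIXED_VERSION = (2023, 5, 4)      # first fixed on-prem release
PLUGIN_MIN_VERSION = (8, 0, 0)    # security patch plugin supported on 8.0+
NO_RESTART_FROM = (2019, 2, 0)    # 2019.2+ can enable the plugin without a restart

# Matches "2023.05.4", "2019.2", "7.1.5 (build 00000)"; trailing build info is ignored
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(text: str) -> tuple[int, int, int]:
    """Parse a TeamCity version string into a comparable (major, minor, patch) tuple.

    Leading zeros ("05") are handled by int(); a missing patch component is 0.
    """
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised TeamCity version string: {text!r}")
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch) if patch else 0)


@dataclass
class Triage:
    host: str
    version: tuple[int, int, int]
    affected: bool
    action: str


def triage(host: str, version_text: str) -> Triage:
    """Classify one on-prem server against the advisory's version thresholds."""
    v = parse_version(version_text)
    if v >= FIXED_VERSION:
        return Triage(host, v, False, "not affected: 2023.05.4 or later")
    if v < PLUGIN_MIN_VERSION:
        action = ("affected: below 8.0, patch plugin unsupported; "
                  "upgrade to 2023.05.4 or take the server offline")
    elif v < NO_RESTART_FROM:
        action = ("affected: upgrade to 2023.05.4; interim plugin available "
                  "but requires a server restart after installation")
    else:
        action = ("affected: upgrade to 2023.05.4; interim plugin can be "
                  "enabled without restarting the server")
    return Triage(host, v, True, action)


# Constructed sample inventory: hostnames and build numbers are made up
SAMPLE_INVENTORY = [
    ("ci-build-01.example.internal", "2023.05.3 (build 00000)"),
    ("ci-build-02.example.internal", "2023.05.4 (build 00000)"),
    ("ci-legacy.example.internal", "2019.1.5 (build 00000)"),
    ("ci-ancient.example.internal", "7.1.5 (build 00000)"),
    ("ci-mid.example.internal", "2021.2 (build 00000)"),
]


def triage_inventory(inventory: list[tuple[str, str]]) -> list[Triage]:
    """Triage every (host, version string) pair in an inventory."""
    return [triage(host, version_text) for host, version_text in inventory]


def affected_hosts(inventory: list[tuple[str, str]]) -> list[str]:
    """Hostnames still exposed to CVE-2023-42793, for the remediation queue."""
    return [t.host for t in triage_inventory(inventory) if t.affected]


if __name__ == "__main__":
    for t in triage_inventory(SAMPLE_INVENTORY):
        print(f"{t.host:32} {'.'.join(map(str, t.version)):10} {t.action}")
```

A version-string check like this is only a first pass over an inventory you already trust; the remote vulnerability check mentioned in the advisory confirms exposure against the live server, and the upgrade to 2023.05.4 remains the fix regardless of which plugin path a host falls into.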