First published: Tue Sep 19 2023(Updated: )
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
Credit: security@jetbrains.com ByteHunter cve@jetbrains.com cve@jetbrains.com
Affected Software | Affected Version | How to fix |
---|---|---|
Jetbrains Teamcity | <2023.05.4 | |
Jetbrains Teamcity | =2017.1 | |
Jetbrains Teamcity | =2017.2 | |
Jetbrains Teamcity | =2018.1 | |
Jetbrains Teamcity | =2018.2 | |
Jetbrains Teamcity | =2019.1 | |
Jetbrains Teamcity | =2019.2 | |
Jetbrains Teamcity | =2020.1 | |
Jetbrains Teamcity | =2020.2 | |
Jetbrains Teamcity | =2021.1 | |
Jetbrains Teamcity | =2021.2 | |
Jetbrains Teamcity | =2022.1 | |
Jetbrains Teamcity | =2022.2 | |
Jetbrains Teamcity | =2023.1 | |
Jetbrains Teamcity | =2023.2 | |
Jetbrains Teamcity | =2023.3 | |
Jetbrains Teamcity | =2023.4 | |
Jetbrains Teamcity | =2023.5 | |
Jetbrains Teamcity | =2023.6 | |
Jetbrains Teamcity | =2023.7 | |
Jetbrains Teamcity | =2023.8 | |
Jetbrains Teamcity | =2023.9 | |
Jetbrains Teamcity | =2023.10 | |
Jetbrains Teamcity | =2023.11 | |
Jetbrains Teamcity | ||
<2023.05.4 |
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID CVE-2023-42793 refers to an authentication bypass vulnerability in JetBrains TeamCity before version 2023.05.4.
The severity of CVE-2023-42793 is critical, with a severity value of 9.8.
CVE-2023-42793 allows for authentication bypass, leading to remote code execution (RCE) on the TeamCity Server.
CVE-2023-42793 affects all versions of JetBrains TeamCity before version 2023.05.4.
To fix CVE-2023-42793, update JetBrains TeamCity to version 2023.05.4 or later.