A essential vulnerability within the TeamCity CI/CD server could possibly be exploited remotely, with out authentication, to execute arbitrary code and acquire administrative management over a weak server.
Developed by JetBrains, TeamCity is a general-purpose construct administration and steady integration platform out there each for on-premises set up and as a cloud service.
The not too long ago recognized essential flaw, tracked as CVE-2023-42793 (CVSS rating of 9.8), is described as an authentication bypass impacting the on-premises model of TeamCity.
The problem could be exploited by attackers over an HTTP(S) connection and doesn’t require person interplay for profitable exploitation, code security agency Sonar Supply, which recognized the bug, explains.
“This allows attackers not solely to steal supply code but additionally saved service secrets and techniques and personal keys. And it’s even worse: With entry to the construct course of, attackers can inject malicious code, compromising the integrity of software program releases and impacting all downstream customers,” Sonar notes.
This, Sonar says, is feasible as a result of CI/CD servers similar to TeamCity automate the software program improvement course of, which means that they’ve entry to a corporation’s supply code and different delicate info related to the constructing, testing, and deployment processes.
Based on JetBrains, all TeamCity on-premises situations as much as and together with model 2023.05.3 are impacted by this vulnerability. TeamCity cloud is just not affected by the vulnerability.
The bug was addressed in TeamCity model 2023.05.4. JetBrains additionally launched a security patch plugin for TeamCity variations 8.0 and above, however says it’s not contemplating to backport the repair.
“The security patch plugin will solely deal with the RCE vulnerability described above. We at all times advocate customers improve their servers to the most recent model to profit from many different security updates,” JetBrains explains.
TeamCity servers which might be accessible from the web must be patched instantly or made inaccessible till the patch is put in.
Each JetBrains and Sonar say that technical particulars on the vulnerability aren’t being printed for now. Based on Sonar, the bug is trivial to take advantage of and it’s doubtless that in-the-wild exploitation can be noticed.
