Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Active Exploitation of Critical Vulnerability in JetBrains TeamCity On-Premises
Alerts

Active Exploitation of Critical Vulnerability in JetBrains TeamCity On-Premises

15 December 2023

JetBrains has released updates addressing a critical vulnerability (CVE-2023-42793) in their TeamCity On-Premises. The vulnerability is reportedly being actively exploited and has a Common Vulnerability Scoring System (CVSS) score of 9.8 out of 10.

Successful exploitation of the vulnerability could allow an unauthenticated attacker with HTTP(S) access to perform remote code execution and gain administrative control over the compromised server.

The vulnerability affects TeamCity On-Premises versions before 2023.05.4.

Users and administrators of affected products are advised to update to the latest version immediately.

More information is available here:
https://nvd.nist.gov/vuln/detail/CVE-2023-42793
https://blog.jetbrains.com/teamcity/2023/09/cve-2023-42793-vulnerability-post-mortem/

Back to top