CASE : AUTHENTICATION BYPASS IN JETBRAINS TEAMCITY
SUMMARY
A critical security issue was recently identified in TeamCity On-Premises. If abused, the flaw may enable an unauthenticated attacker with HTTP(S) access to a TeamCity server to bypass authentication checks and gain administrative control of that TeamCity server.
RECOMMENDATIONS
JetBrains advises On-Prem users to upgrade to the latest available version as soon as possible or install the security patch. See the references for the download links. If you have been compromised, DIVD advises you to start your incident response process immediately.
WHAT WE ARE DOING
DIVD is currently working to identify vulnerable instances and notify the owners of these systems.