I would like to start implementing a plugin to detect Jetbrains TeamCity Server Authentication Bypass leading to RCE (CVE-2023-42793). This vulnerability was published in 10/04/2023 and reportedly exploited by nation-state actors.
Description:
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible. Exploitation of this issue does not require user interaction.
Versions:
Jetbrains TeamCity Server < 2023.05.4 (excluding)
I will send the PR if it is valid for the scope. Thank you.
Hello there,
I would like to start implementing a plugin to detect Jetbrains TeamCity Server Authentication Bypass leading to RCE (CVE-2023-42793). This vulnerability was published in 10/04/2023 and reportedly exploited by nation-state actors.
https://nvd.nist.gov/vuln/detail/CVE-2023-42793 https://blog.jetbrains.com/teamcity/2023/09/cve-2023-42793-vulnerability-post-mortem/ https://www.microsoft.com/en-us/security/blog/2023/10/18/multiple-north-korean-threat-actors-exploiting-the-teamcity-cve-2023-42793-vulnerability/
Description: In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible. Exploitation of this issue does not require user interaction.
Versions: Jetbrains TeamCity Server < 2023.05.4 (excluding)
I will send the PR if it is valid for the scope. Thank you.