Vulnerability DatabaseCVE-2024-27199

CVE-2024-27199:
JetBrains TeamCity vulnerability analysis and mitigation

Overview

JetBrains TeamCity versions before 2023.11.4 contain a path traversal vulnerability (CVE-2024-27199) that allows unauthorized users to perform limited administrative actions. The vulnerability was discovered and disclosed in March 2024, affecting the web component of TeamCity On-Premises servers (NVD, Arctic Wolf).

Technical details

The vulnerability is classified as a path traversal issue (CWE-22, CWE-23) in the web component of TeamCity. It has been assigned a CVSS v3.1 base score of 7.3 (High), with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L. This indicates that the vulnerability can be exploited remotely without requiring privileges or user interaction (NVD).

Impact

When exploited, the vulnerability can lead to information disclosure and system modifications, including the ability to replace the HTTPS certificate of a vulnerable TeamCity server with a certificate of the attacker's choice (Arctic Wolf).

Mitigation and workarounds

JetBrains has released version 2023.11.4 to address this vulnerability. For users unable to upgrade immediately, JetBrains provides security patch plugins for different TeamCity versions (2018.2 and newer, and 2018.1 and older). All TeamCity Cloud servers have already been patched (Arctic Wolf, JetBrains Advisory).