JetBrains TeamCity Mass Exploitation Underway, Rogue Accounts Thrive (www.darkreading.com)

submitted 8 months ago by IllNess@infosec.pub to c/cybersecurity@infosec.pub

0 comments fedilink hide all child comments

One of the vulnerabilities (identified as CVE-2024-27198) has a near-maximum severity CVSS rating of 9.8 out of 10 and is an authentication bypass issue in TeamCity's Web component. Researchers from Rapid7 who discovered the vulnerability and reported it to JetBrains have described it as enabling a remote unauthenticated attacker to execute arbitrary code to take complete control of affected instances.

no comments (yet)

sorted by: hot top controversial new old

there doesn't seem to be anything here

this post was submitted on 08 Mar 2024

15 points (100.0% liked)

cybersecurity

3306 readers

139 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 1 year ago

MODERATORS

shellsharks@infosec.pub

tweedge@infosec.pub