JetBrains TeamCity Mass Exploitation Underway, Rogue Accounts Thrive
JetBrains TeamCity Mass Exploitation Underway, Rogue Accounts Thrive
www.darkreading.com JetBrains TeamCity Mass Exploitation Underway, Rogue Accounts Thrive
Just one day after disclosure, adversaries began targeting the vulnerabilities to take complete control of affected instances of the popular developer platform.
One of the vulnerabilities (identified as CVE-2024-27198) has a near-maximum severity CVSS rating of 9.8 out of 10 and is an authentication bypass issue in TeamCity's Web component. Researchers from Rapid7 who discovered the vulnerability and reported it to JetBrains have described it as enabling a remote unauthenticated attacker to execute arbitrary code to take complete control of affected instances.
0
comments