ClickCease CISA Adds JetBrains TeamCity Vulnerability To KEV Catalog

Content Table

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

CISA Adds JetBrains TeamCity Vulnerability To KEV Catalog

Wajahat Raja

March 18, 2024 - TuxCare expert team

The US Cybersecurity and Infrastructure Security Agency (CISA) has flagged a critical JetBrains TeamCity vulnerability, emphasizing the urgent need for users to take preventive measures. The recently discovered flaw has been added to the Known Exploited Vulnerabilities (KEV) Catalog, with evidence of active exploitation.


CISA Advisory On JetBrains TeamCity


CISA, in a recent security advisory, highlights the severity of such vulnerabilities, underscoring their potential as common attack vectors for malicious cyber actors. As a result of the CISA cybersecurity alert, the agency took a decisive step by incorporating this flaw into the Binding Operational Directive (BOD) 22-01. 

It’s an evolving list of vulnerabilities actively targeting Federal Civilian Executive Branch (FCEB) agencies, essentially government bodies. BOD 22-01 mandates FCEB agencies to promptly apply the latest patches and fortify their endpoints against known vulnerabilities within specified deadlines.


JetBrains TeamCity Vulnerability Unveiled

KEV Catalog vulnerability revolves around a critical authentication bypass within the TeamCity On-Premises software. This flaw tracked as CVE-2024-27198, poses a severe threat with a rating of 9.8. 

Unauthenticated attackers could exploit this vulnerability, gaining full control over target servers. Security researchers from Rapid7, who discovered and reported the flaw to JetBrains, explain that compromising a TeamCity server provides attackers with control over projects, builds, agents, and artifacts – a potential gateway for supply chain attacks.


Authentication Bypass Consequences and Immediate Action 

The authentication bypass flaw allows unauthenticated attackers to reach a limited number of authenticated endpoints without any hindrance. Rapid7 warns that this vulnerability empowers attackers to modify specific system settings on the server and disclose a restricted amount of sensitive information, emphasizing the urgency of applying the patch.

Cybersecurity risk mitigation is a critical aspect of protecting digital assets and maintaining business resilience in the face of evolving threats. In response to this critical vulnerability, JetBrains swiftly released a patch that addresses the initial JetBrains TeamCity vulnerability.

The patch also addresses a secondary vulnerability, CVE-2024-27199. The latter flaw, with a severity score of 7.3, could be leveraged for Distributed Denial of Service (DDoS) attacks against a TeamCity server and adversary-in-the-middle attacks. All TeamCity versions up to 2023.11.3 are reportedly vulnerable, making it crucial for users to act promptly. 

JetBrains strongly advises all users to upgrade their software to version 2023.11.4, effectively closing the door on potential threats and fortifying their systems against exploitation.


KEV Catalog Security Update

JetBrains TeamCity users, particularly those within the crosshairs of North Korean and Russian threat actors, are urged to apply the
JetBrains TeamCity patch without delay. The company’s proactive approach underscores the real and immediate dangers posed by these vulnerabilities and the necessity for users to stay ahead of potential threats.


In the ever-evolving landscape of cybersecurity threats, the recent
vulnerability in software development tools demands immediate attention. Effective software vulnerability management is essential for maintaining the security and integrity of digital systems.

By adhering to CISA’s directives and implementing automated security protocols, users can safeguard their systems against potential exploitation, ensuring business continuity and maintaining compliance with evolving security standards. 

The sources for this piece include articles in The Hacker News and CISA.


CISA Adds JetBrains TeamCity Vulnerability To KEV Catalog
Article Name
CISA Adds JetBrains TeamCity Vulnerability To KEV Catalog
Stay protected! Learn about the critical JetBrains TeamCity vulnerability recently flagged by CISA. Act now to secure your systems.
Publisher Name
Publisher Logo

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Learn About Live Patching with TuxCare

Become a TuxCare Guest Writer

Get started




Linux & Open Source

Subscribe to
our newsletter