CVE-2023-42793
In summary
TeamCity versions prior to 2023.05.4 contain a flaw that lets attackers bypass login authentication and gain full control of the server, allowing them to execute any code they choose.
Technical detail
An authentication bypass flaw (CWE-288) in TeamCity Server allows remote code execution without credentials. The vulnerability circumvents the credential-validation mechanisms and enables arbitrary command execution with the privileges of the server process, requiring only network access to the affected instance.
Summary generated and translated by AI from the official description.
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
JetBrains · TeamCity
Public PoCs found: 17
github: github.com/H454NSec/CVE-2023-42793 ★ 45
github: github.com/B4l3rI0n/CVE-2023-42793 ★ 10
github: github.com/Zenmovie/CVE-2023-42793 ★ 9
github: github.com/hotplugin0x01/CVE-2023-42793 ★ 2
github: github.com/HusenjanDev/CVE-2023-42793 ★ 1
github: github.com/SwiftSecur/teamcity-exploit-cve-2023-42793 ★ 1
github: github.com/syaifulandy/Nuclei-Template-CVE-2023-42793.yaml ★ 1
github: github.com/junnythemarksman/CVE-2023-42793 ★ 1
github: github.com/cxdxnt/CVE-2023-42793 ★ 0
github: github.com/whoamins/CVE-2023-42793 ★ 0
github: github.com/FlojBoj/CVE-2023-42793 ★ 0
github: github.com/becrevex/CVE-2023-42793 ★ 0
github: github.com/jakehomb/cve-2023-42793 ★ 0
github: github.com/syorik/CVE-2023-42793 ★ 0
github: github.com/DDestinys/CVE-2023-42793 ★ 0
exploitdb: www.exploit-db.com/exploits/51884 (unverified)
cve_reference: packetstormsecurity.com/files/174860/JetBrains-TeamCity-Unauthenticated-Remote-Code-Execution.html (unverified)
⚠ Public resources, provided so you can assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know whether your infrastructure is exposed to this?
Talk to TrueHacking →
References
http://packetstormsecurity.com/files/174860/JetBrains-TeamCity-Unauthenticated-Remote-Code-Execution.html
https://attackerkb.com/topics/1XEEEkGHzt/cve-2023-42793
https://blog.jetbrains.com/teamcity/2023/09/cve-2023-42793-vulnerability-post-mortem/
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-42793
https://www.jetbrains.com/privacy-security/issues-fixed/
https://www.rapid7.com/blog/post/2023/09/25/etr-cve-2023-42793-critical-authentication-bypass-in-jetbrains-teamcity-ci-cd-servers/
https://www.securityweek.com/recently-patched-teamcity-vulnerability-exploited-to-hack-servers/
https://www.sonarsource.com/blog/teamcity-vulnerability/