JetBrains TeamCity Authentication Bypass Vulnerabilities (CVE-2024-27198, CVE-2024-27199)

Fortiguard Security Advisory

What are the Vulnerabilities?

Two new vulnerabilities affecting JetBrains TeamCity CI/CD server have been identified and tagged as CVE-2024-27198 and CVE-2024-27199. The most severe of the two, CVE-2024-27198, has been added to CISA’s known exploited catalog which allows for a complete compromise of a vulnerable TeamCity server by a remote unauthenticated attacker.

What is the Vendor Solution?

On March 3, 2024, JetBrains released TeamCity 2023.11.4 to fix both CVE-2024-27198 and CVE-2024-27199. [ Link ]

What FortiGuard Coverage is available?

FortiGuard Labs has released endpoint vulnerability signatures, which can help detect vulnerable systems and auto-patch where applicable, and has blocked all the known indicators of compromise (IoCs).

FortiGuard Labs recommends companies to review the vendor’s advisory.