Multiples vulnerabilities in JetBrains TeamCity

3 critical authentication bypass vulnerability and a medium vulnerability impact the CI/CD tool JetBrains TeamCity. The Stormshield Customer Security Lab recommends activating the protections detailed below and updating JetBrains TeamCity servers.

ID	Name
http:url:decoded.425	Exploitation of an authentication bypass in JetBrains TeamCity (CVE-2024-27198)
http:url:decoded.427	Exploitation of an authentication bypass in JetBrains TeamCity (CVE-2024-23917)
http:80	Directory traversal

For more details, please read our full article on Stormshield’s main website : https://www.stormshield.com/news/security-alert-jetbrains-teamcity-stormshields-product-response/