The vulnerability, tracked as CVE-2023-42793 impacts the on-premises version of Jetbrains TeamCity. It allows an unauthenticated attacker with access to a targeted server achieve remote code execution and gain administrative control of the system.
This vulnerability has been seen as exploited since september 2023. More reports have been published about an active campaign from the SVR on december 2023.
The Stormhield Network Security (SNS) appliance protects you from that attack, thanks to a dedicated IPS signature. To work efficiently on HTTPS traffic, the SSL proxy needs to be enabled.
| ID | Name |
| http:mix.353 | Exploitation of an authentication bypass vulnerability in JetBrains TeamCity (CVE-2023-42793) |