JetBrains releases security fixes for TeamCity CI/CD system

JetBrains has released fixes for two critical security vulnerabilities in its TeamCity On-Premises CI/CD system discovered by cybersecurity company Rapid7.

The two vulnerabilities reported in late-February by Rapid7 would enable an authenticated attacker with HTTP(S) access to a TeamCity On-Premises server to bypass authentication checks and gain administrative control. These vulnerabilities affected all TeamCity On-Premises versions through 2023.11.3, but have been fixed in TeamCity On-Premises 2023.11.4. For users unable to update their server to version 2023.11.4, JetBrains also released a security patch plugin.

To read this article in full, please click here

This article has been indexed from InfoWorld Security

Read the original article: