JetBrains issued a warning on March 4, 2024 about two serious vulnerabilities in TeamCity server.
The flaws can be used by a remote, unauthenticated attacker with HTTP(S) access to a TeamCity on-premises server to bypass authentication checks and gain administrative control of the TeamCity server. TeamCity is a build management and continuous integration and deployment server from JetBrains that allows developers to commit code changes into a shared repository several times a day.
Read more…
Source: Malwarebytes Labs