Software distribution system TeamCity remembers deleted access tokens
Attackers can exploit six vulnerabilities in JetBrain TeamCity that have since been closed.
The TeamCity software distribution system from JetBrain is vulnerable. The developers have sealed several vulnerabilities in a current version.
Unauthorized access possible
According to the security section of the JetBrains website, one vulnerability (CVE-2024-41827) is classified as"high". The problem is that access tokens continue to work after they have expired and been deleted, allowing attackers to gain access. It is not yet clear how such an attack could take place.
By successfully exploiting the remaining vulnerabilities, attackers can launch persistent XSS attacks in the code inspection tab and in the show connection page (CVE-2024-41825"medium", CVE-2024-41826"low"), among other things, in order to execute their own commands.
The developers state that they have closed the vulnerabilities in version 2024.07.
(des)