CVE-2023-42793 Vulnerability in TeamCity: Post-Mortem
- A critical vulnerability issue for TeamCity On-Premises was discovered by the Sonar team. TeamCity Cloud was not affected.
- The TeamCity team released the 2023.05.4 fix for the issue.
- We created a plugin that works for older TeamCity versions (8.0+) and recommended installing it to all customers who could not upgrade quickly enough.
- We notified all TeamCity On-Premises customers about the vulnerability.
- The issue was publicly announced.
Actions taken by the TeamCity team
On September 6, 2023, we received a report from Sonar regarding a critical vulnerability issue identified in TeamCity On-Premises. If abused, the flaw could enable an unauthenticated attacker with HTTP(S) access to a TeamCity server to perform a remote code execution (RCE) attack and gain administrative control of the TeamCity server.
We confirmed receipt of the report on the same day and proceeded with the internal investigation. On September 14, 2023, we reported back to Sonar, confirming it to be a major security issue and stating that we had reproduced the issue and prepared a fix for it. Please refer to the Sonar blog post for technical details about how the issue can be reproduced.
We then proceeded with handling the issue. On September 18, 2023, we released version 2023.05.4 that contained a fix for the issue. We also created a plugin for older TeamCity versions (8.0+). Thanks to the plugin, any customers who were unable to update to the latest TeamCity version could still apply the fix.
The plugin can be downloaded here:
- Versions prior to 2018.1 – https://download.jetbrains.com/teamcity/plugins/internal/CVE-2023-42793-fix-2018-1.zip.
- Versions 2018.2+ – https://download.jetbrains.com/teamcity/plugins/internal/CVE-2023-42793-fix-recent-versions.zip.
We then notified TeamCity Enterprise customers about the issue, encouraging them to update their servers to the latest version, 2023.05.4, which can be found here: https://www.jetbrains.com/teamcity/download/other.html.
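For administrators who run several TeamCity On-Premises servers, the remediation rules above (upgrade to 2023.05.4, or install the plugin build that matches the server version, plugin support starting at 8.0) can be turned into a small inventory triage. The following is an added example, not JetBrains code and not part of the original post; it encodes only what this post states, and it deliberately reports 2018.1.x as "unclear" because the post names "prior to 2018.1" and "2018.2+" without saying which plugin build covers 2018.1 itself. The host names and version strings in the sample inventory are constructed.

```python
"""Triage a TeamCity server inventory against the CVE-2023-42793 remediation
rules stated in the JetBrains post-mortem (added example, not JetBrains code)."""
import re

# Values taken from the post-mortem text.
FIXED_VERSION = (2023, 5, 4)
PLUGIN_OLD_URL = ("https://download.jetbrains.com/teamcity/plugins/internal/"
                  "CVE-2023-42793-fix-2018-1.zip")          # versions prior to 2018.1
PLUGIN_RECENT_URL = ("https://download.jetbrains.com/teamcity/plugins/internal/"
                     "CVE-2023-42793-fix-recent-versions.zip")  # versions 2018.2+
PLUGIN_MIN_VERSION = (8, 0, 0)                              # plugin works for 8.0+


def parse_version(text):
    """Turn a TeamCity version string into a comparable int tuple.

    Handles both the old numbering ('9.1.7', '10.0') and the year-based one
    ('2018.2', '2023.05.4'); leading zeros are dropped so '05' compares as 5.
    Anything after the dotted number (for example build metadata) is ignored.
    Versions with fewer than three components are padded with zeros.
    """
    match = re.match(r"\s*(\d+(?:\.\d+)*)", text)
    if not match:
        raise ValueError(f"unrecognised TeamCity version: {text!r}")
    parts = tuple(int(p) for p in match.group(1).split("."))
    return parts + (0,) * max(0, 3 - len(parts))


def remediation(version_text):
    """Classify one server: fixed, plugin-old, plugin-recent, unclear, unsupported."""
    v = parse_version(version_text)
    if v >= FIXED_VERSION:
        return "fixed"              # 2023.05.4 or later already contains the fix
    if v < PLUGIN_MIN_VERSION:
        return "unsupported"        # below 8.0: no plugin build is stated; upgrade only
    if v < (2018, 1, 0):
        return "plugin-old"         # "prior to 2018.1" -> PLUGIN_OLD_URL
    if v < (2018, 2, 0):
        return "unclear"            # 2018.1.x is not named by the post-mortem
    return "plugin-recent"          # "2018.2+" -> PLUGIN_RECENT_URL


ACTIONS = {
    "fixed": "no action required",
    "plugin-old": f"upgrade to 2023.05.4 or install {PLUGIN_OLD_URL}",
    "plugin-recent": f"upgrade to 2023.05.4 or install {PLUGIN_RECENT_URL}",
    "unclear": "upgrade to 2023.05.4; plugin build for 2018.1.x not stated in the post",
    "unsupported": "upgrade to 2023.05.4 (plugin covers 8.0+ only)",
}


def triage(inventory):
    """Map {host: version_string} to {host: (status, recommended action)}."""
    return {host: (remediation(ver), ACTIONS[remediation(ver)])
            for host, ver in inventory.items()}


# Constructed sample inventory (not real hosts).
SAMPLE_INVENTORY = {
    "ci-legacy": "9.1.7",
    "ci-2018": "2018.1.5",
    "ci-main": "2022.10.2",
    "ci-hotfix": "2023.05.3",
    "ci-patched": "2023.05.4",
}

if __name__ == "__main__":
    for host, (status, action) in triage(SAMPLE_INVENTORY).items():
        print(f"{host:<12} {status:<14} {action}")
```

Run against a real inventory, the "fixed" entries can be dropped from follow-up and everything else lands on the upgrade-or-plugin path; "unclear" and "unsupported" are the entries that need a decision rather than a download link.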
We’d like to thank the Sonar team for discovering the issue and their collaboration on the public announcement.
| Date | Event |
|---|---|
| September 6, 2023, 10:44 | We received the report from the Sonar team. |
| September 6, 2023, 12:39 | We confirmed receipt of the report. |
| September 6, 2023, 12:54 | We reproduced the issue. |
| September 7, 2023 | We fixed the issue in the 2023.05.x branch. |
| September 12, 2023 | We prepared the plugin that could be used as a workaround. |
| September 14, 2023 | We sent an update to the Sonar team confirming a major security issue. |
| September 18, 2023 | TeamCity version 2023.05.4 with the vulnerability fixes was released. |
| September 18, 2023 | We sent notifications to customers asking them to update as soon as possible. |
| September 19, 2023 | CVE-2023-42793 was published. |
| September 21, 2023 | We published a blog post about the issue. |