TeamCity, JetBrains' software solution, increasingly becoming a prime target for attacks due to the emergence of more vulnerabilities.
Critical Authentication Bypass Vulnerability in JetBrains TeamCity Now Fixed
A critical authentication bypass vulnerability, identified as CVE-2024-27198, has been addressed by JetBrains in their popular software, JetBrains TeamCity. The vulnerability, discovered by Rapid7, allows for bypassing authentication in the web component of TeamCity [1].
JetBrains has released security updates to rectify this issue, and users are strongly advised to update to the latest version to mitigate the risk [1][5]. However, there has been a disagreement between JetBrains and Rapid7 about the timing of the security update release. Rapid7 advocated for a timely public advisory after the patch became available, while JetBrains preferred to delay the public disclosure to ensure a thorough fix and avoid premature exploitation risk [1].
As of August 2025, JetBrains TeamCity users should be running the latest patched versions. Vendor advisories and Fortinet's Web Application Firewall updates now explicitly include fixes for authentication bypass and path traversal in TeamCity [5]. The vulnerability has been broadly recognized in the security community since early 2024, and automated detection tools flag vulnerable versions to encourage updating [1]. No major exploitation campaigns have been reported following patch availability, indicating responsible disclosure and patch management may have limited abuse.
The impacted versions of TeamCity are those On-Premises versions leading up to 2023.11.3 [2]. This is not related to any of the critical flaws disclosed in recent months [3]. It is essential for users to ensure timely application of vendor updates to avoid exposure.
The vulnerability, CVE-2024-27198, has a CVSS score of 9.8, indicating a high severity [4]. One of the vulnerabilities can enable a remote, unauthenticated attacker to take control of a vulnerable server [1].
This incident serves as a reminder for corporate stakeholders to focus on understanding the risk calculus of their technology stacks, asking themselves: Are we a target? [6]
(Correction: An earlier version of this article misidentified the company.)
[1] Rapid7 Blog: CVE-2024-27198 - Authentication Bypass Vulnerability in JetBrains TeamCity
[2] JetBrains Security Advisory: CVE-2024-23917 and CVE-2024-27198
[3] Rapid7 Blog: JetBrains TeamCity: A Series of Security Issues
[4] NIST National Vulnerability Database: CVE-2024-27198
[5] Fortinet Advisory: CVE-2024-23917 and CVE-2024-27198
[6] Corporate stakeholders seeking to better understand the risk calculus of their technology stacks may find this article helpful: Are We a Target?
Marketing teams at JetBrains and Rapid7 should prioritize communication strategies to address the controversy surrounding the timing of the public advisory for the CVE-2024-27198 vulnerability in JetBrains TeamCity, emphasizing the importance of cybersecurity in data-and-cloud-computing and technology sectors. Due diligence in technology stack vulnerability management is crucial to mitigate risks associated with exploitable vulnerabilities like CVE-2024-27198, which has a high severity score, potentially enabling unauthenticated attackers to gain control of affected servers.
