CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Oct 25, 2023

CVE-2023-42793

High

EPSS 92.9%CISA KEVRansomware

Description

JetBrains TeamCity contains an authentication bypass vulnerability that allows for remote code execution on TeamCity Server.

EPSS — Exploit Probability

92.9%

Higher than 99.8% of all CVEs

Required Action

https://blog.jetbrains.com/teamcity/2023/09/critical-security-issue-affecting-teamcity-on-premises-update-to-2023-05-4-now/ ; https://nvd.nist.gov/vuln/detail/CVE-2023-42793

Risk Assessment

CRITICAL

In CISA KEV

High EPSS

Ransomware

Details

Severity: High
EPSS: 92.9%
CISA KEV: Yes
Ransomware: Known
Articles: 0

Timeline

Published

Oct 4, 2023

Added to KEV

Oct 4, 2023

Remediation Due

Oct 25, 2023

Affected Product

JetBrains

TeamCity

View all JetBrains CVEs

External Links

NVD (NIST)CVE Details MITRE CVE