{"id":3373,"date":"2023-09-26T15:36:15","date_gmt":"2023-09-26T15:36:15","guid":{"rendered":"https:\/\/secry.me\/explore\/?p=3373"},"modified":"2023-10-03T11:43:07","modified_gmt":"2023-10-03T11:43:07","slug":"cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines","status":"publish","type":"post","link":"https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/","title":{"rendered":"CVE-2023-42793: JetBrains TeamCity Flaw Exposes Code and Pipelines"},"content":{"rendered":"<div class=\"c7f5092f831f91fb6af859cc3a8052cc\" data-index=\"4\" style=\"float: none; margin:10px 0 10px 0; text-align:center;\">\n<script async src=\"https:\/\/securepubads.g.doubleclick.net\/tag\/js\/gpt.js\"><\/script>\r\n<script>\r\n  window.googletag = window.googletag || {cmd: []};\r\n  googletag.cmd.push(function() {\r\n    googletag.defineSlot('\/22608490431\/iklan1', [[320, 100], [300, 50]], 'div-gpt-ad-1696178236578-0').addService(googletag.pubads());\r\n    googletag.pubads().enableSingleRequest();\r\n    googletag.enableServices();\r\n  });\r\n<\/script>\r\n<!-- \/22608490431\/iklan1 -->\r\n<div id='div-gpt-ad-1696178236578-0' style='min-width: 300px; min-height: 50px;'>\r\n  <script>\r\n    googletag.cmd.push(function() { googletag.display('div-gpt-ad-1696178236578-0'); });\r\n  <\/script>\r\n<\/div>\n<\/div>\n<p data-sourcepos=\"3:1-3:229\">JetBrains TeamCity is a popular continuous integration and continuous delivery (CI\/CD) platform. Developers use it to automate the software development process, from building and testing code to deploying it to production.<\/p>\n<p data-sourcepos=\"5:1-5:222\">Unauthenticated attackers could exploit a critical <a href=\"https:\/\/secry.me\/explore\/news\/\">security flaw<\/a> in JetBrains TeamCity, a continuous integration and continuous delivery (CI\/CD) software, to achieve remote code execution on affected systems.<\/p>\n<p data-sourcepos=\"7:1-7:192\"><span class=\"citation-0 citation-1 citation-end-0\">The flaw, tracked as <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-42793\">CVE-2023-42793<\/a>, carries a CVSS score of 9.8 and has been addressed in TeamCity version 2023.05.4<\/span><span class=\"citation-1 citation-end-1\"> following responsible disclosure on September 6, 2023.<\/span><\/p>\n<p data-sourcepos=\"9:1-9:192\">If exploited, the vulnerability could allow attackers <span class=\"citation-2 citation-end-2\">to steal source code, service secrets, and private keys; take control over attached build agents; and poison build artifacts.<\/span><\/p>\n<h2 data-sourcepos=\"9:1-9:192\">Proof Of Concept?<\/h2>\n<figure id=\"attachment_3383\" aria-describedby=\"caption-attachment-3383\" style=\"width: 728px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\" td-modal-image wp-image-3383 size-full\" src=\"https:\/\/secry.me\/explore\/wp-content\/uploads\/2023\/09\/JetBrain-POC-sample.jpg\" alt=\"JetBrain POC sample\" width=\"728\" height=\"380\" srcset=\"https:\/\/secry.me\/explore\/wp-content\/uploads\/2023\/09\/JetBrain-POC-sample.jpg 728w, https:\/\/secry.me\/explore\/wp-content\/uploads\/2023\/09\/JetBrain-POC-sample-300x157.jpg 300w, https:\/\/secry.me\/explore\/wp-content\/uploads\/2023\/09\/JetBrain-POC-sample-150x78.jpg 150w, https:\/\/secry.me\/explore\/wp-content\/uploads\/2023\/09\/JetBrain-POC-sample-696x363.jpg 696w\" sizes=\"auto, (max-width: 728px) 100vw, 728px\" \/><figcaption id=\"caption-attachment-3383\" class=\"wp-caption-text\">JetBrain POC Example. Source: TheHacker News<\/figcaption><\/figure>\n<p data-sourcepos=\"7:1-7:374\">Unauthenticated attackers can exploit CVE-2023-42793 to send specially crafted HTTP requests to JetBrains TeamCity servers. These requests can then allow the execution of arbitrary code on the server, potentially enabling attackers to steal source code, service secrets, and private keys, take control over attached build agents, and poison build artifacts.<\/p>\n<h2 data-sourcepos=\"7:1-7:374\">JetBrains released a patch for the vulnerability<\/h2>\n<p data-sourcepos=\"11:1-11:133\">JetBrains has released a patch for the CVE-2023-42793 vulnerability in TeamCity version 2023.05.4. They also has urged users to upgrade to TeamCity version <a href=\"https:\/\/www.jetbrains.com\/privacy-security\/issues-fixed\/\">2023.05.4<\/a> or later as soon as possible to mitigate the risk of exploitation.<\/p>\n<p data-sourcepos=\"13:1-13:322\">While there are no known active exploits of this vulnerability, it is important to note that it is critical to patch all known vulnerabilities as soon as possible. Attackers are constantly looking for new ways to exploit vulnerabilities, and they may develop exploits for known vulnerabilities before patches are released.<\/p>\n<h2 data-sourcepos=\"13:1-13:322\">Recommendation<\/h2>\n<p data-sourcepos=\"11:1-11:120\">In addition to updating TeamCity, users can also take the following steps to protect themselves from this vulnerability:<\/p>\n<ul data-sourcepos=\"13:1-16:0\">\n<li data-sourcepos=\"17:1-17:206\"><strong>Using a layered security approach.<\/strong>\u00a0This includes using firewalls, intrusion detection systems, and next-generation web application firewalls (NGWAFs) to protect against a wide range of attack vectors.<\/li>\n<li data-sourcepos=\"14:1-14:153\"><strong>Restrict access to TeamCity servers.<\/strong>\u00a0Only allow authorized users to access TeamCity servers. If possible, use a VPN to connect to TeamCity servers.<\/li>\n<li data-sourcepos=\"15:1-16:0\"><strong>Regularly back up TeamCity data.<\/strong>\u00a0This will allow you to recover your data if it is compromised by an attacker.<\/li>\n<li data-sourcepos=\"21:1-21:155\"><strong>Use a secure version control system.<\/strong>\u00a0A secure version control system will help to protect your source code from unauthorized access and modification.<\/li>\n<li data-sourcepos=\"22:1-22:173\"><strong>Use a secure code review process.<\/strong> A secure code review process helps identify and fix security vulnerabilities in your code before deploying it to production.<\/li>\n<li data-sourcepos=\"23:1-23:172\"><strong>Use a secure build pipeline.<\/strong> A secure build pipeline helps protect your build pipeline from attacks and ensures that only trusted code is deployed to production.<\/li>\n<li data-sourcepos=\"24:1-25:0\"><strong>Monitor your build pipeline for suspicious activity.<\/strong>\u00a0Use monitoring tools to detect and respond to suspicious activity on your build pipeline.<\/li>\n<li data-sourcepos=\"18:1-18:168\"><strong>Educating employees about cybersecurity best practices.<\/strong>\u00a0This includes creating strong passwords, being wary of phishing emails, and reporting suspicious activity.<\/li>\n<li data-sourcepos=\"19:1-20:0\"><strong>Having a plan for responding to cyberattacks.<\/strong>\u00a0This plan should include steps for containing the attack, investigating the incident, and recovering from the attack.<\/li>\n<\/ul>\n<div class=\"group w-full text-token-text-primary border-b border-black\/10 gizmo:border-0 dark:border-gray-900\/50 gizmo:dark:border-0 bg-gray-50 gizmo:bg-transparent dark:bg-[#444654] gizmo:dark:bg-transparent\" data-testid=\"conversation-turn-9\">\n<div class=\"p-4 justify-center text-base md:gap-6 md:py-6 m-auto\">\n<div class=\"flex flex-1 gap-4 text-base mx-auto md:gap-6 md:max-w-2xl lg:max-w-[38rem] xl:max-w-3xl }\">\n<div class=\"relative flex w-[calc(100%-50px)] flex-col gap-1 md:gap-3 lg:w-[calc(100%-115px)]\">\n<div class=\"flex flex-grow flex-col gap-3 max-w-full\">\n<div class=\"min-h-[20px] flex flex-col items-start gap-3 overflow-x-auto whitespace-pre-wrap break-words\">\n<div class=\"markdown prose w-full break-words dark:prose-invert dark\">\n<p>By following these steps, users can reduce the risk of this vulnerability exploiting them.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n\n<div style=\"font-size: 0px; height: 0px; line-height: 0px; margin: 0; padding: 0; clear: both;\"><\/div>","protected":false},"excerpt":{"rendered":"<p>JetBrains TeamCity is a popular continuous integration and continuous delivery (CI\/CD) platform. Developers use it to automate the software development process, from building and testing code to deploying it to production. Unauthenticated attackers could exploit a critical security flaw in JetBrains TeamCity, a continuous integration and continuous delivery (CI\/CD) software, to achieve remote code execution [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":3384,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[194,131],"tags":[291,192,307,289,292,290],"class_list":{"0":"post-3373","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber-security","8":"category-news","9":"tag-cve","10":"tag-cyber-security","11":"tag-cybersecurity","12":"tag-jet-brains","13":"tag-pipeline","14":"tag-teamcity"},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.4 (Yoast SEO v27.5) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>CVE-2023-42793: JetBrains TeamCity Flaw Exposes Code and Pipelines | SECRY<\/title>\n<meta name=\"description\" content=\"JetBrains TeamCity is a popular continuous integration and continuous delivery (CI\/CD) platform. Developers use it to automate the software development\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CVE-2023-42793: JetBrains TeamCity Flaw Exposes Code and Pipelines | SECRY\" \/>\n<meta property=\"og:description\" content=\"JetBrains TeamCity is a popular continuous integration and continuous delivery (CI\/CD) platform. Developers use it to automate the software development\" \/>\n<meta property=\"og:url\" content=\"https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/\" \/>\n<meta property=\"og:site_name\" content=\"SECRY\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/secry.me\" \/>\n<meta property=\"article:published_time\" content=\"2023-09-26T15:36:15+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-10-03T11:43:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/secryweb.sirv.com\/WP_secry.me\/2023\/09\/JetBrains-Vulnerability-CVE-2023-42793.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"720\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Christin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Christin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"NewsArticle\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\\\/\"},\"author\":{\"name\":\"Christin\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/person\\\/a0dca9413073b143bfc0db687dd0b0d6\"},\"headline\":\"CVE-2023-42793: JetBrains TeamCity Flaw Exposes Code and Pipelines\",\"datePublished\":\"2023-09-26T15:36:15+00:00\",\"dateModified\":\"2023-10-03T11:43:07+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\\\/\"},\"wordCount\":519,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2023\\\/09\\\/JetBrains-Vulnerability-CVE-2023-42793.png\",\"keywords\":[\"CVE\",\"Cyber Security\",\"CyberSecurity\",\"Jet Brains\",\"Pipeline\",\"TeamCIty\"],\"articleSection\":[\"Cyber Security\",\"Hacker News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/secry.me\\\/explore\\\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\\\/\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\\\/\",\"name\":\"CVE-2023-42793: JetBrains TeamCity Flaw Exposes Code and Pipelines | SECRY\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2023\\\/09\\\/JetBrains-Vulnerability-CVE-2023-42793.png\",\"datePublished\":\"2023-09-26T15:36:15+00:00\",\"dateModified\":\"2023-10-03T11:43:07+00:00\",\"description\":\"JetBrains TeamCity is a popular continuous integration and continuous delivery (CI\\\/CD) platform. Developers use it to automate the software development\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/secry.me\\\/explore\\\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\\\/#primaryimage\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2023\\\/09\\\/JetBrains-Vulnerability-CVE-2023-42793.png\",\"contentUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2023\\\/09\\\/JetBrains-Vulnerability-CVE-2023-42793.png\",\"width\":1280,\"height\":720,\"caption\":\"JetBrains Vulnerability CVE-2023-42793. Source image: BankInfo Security\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/secry.me\\\/explore\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CVE-2023-42793: JetBrains TeamCity Flaw Exposes Code and Pipelines\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#website\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/\",\"name\":\"SECRY\",\"description\":\"#1 Cyber [SEC]urity Sto[RY]  -  News &amp; Bug Bounty Story Collections\",\"publisher\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\"},\"alternateName\":\"Security Story\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/secry.me\\\/explore\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\",\"name\":\"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections\",\"alternateName\":\"SECRY\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/secryweb.sirv.com\\\/WP_secry.me\\\/2022\\\/06\\\/cropped-SECRY.webp\",\"contentUrl\":\"https:\\\/\\\/secryweb.sirv.com\\\/WP_secry.me\\\/2022\\\/06\\\/cropped-SECRY.webp\",\"width\":512,\"height\":512,\"caption\":\"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/secry.me\",\"https:\\\/\\\/pinterest.com\\\/secry_me\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/person\\\/a0dca9413073b143bfc0db687dd0b0d6\",\"name\":\"Christin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"caption\":\"Christin\"},\"description\":\"A cybersecurity practitioner with more than 5 years of experience in the cybersecurity world. Has an interest in creating simple blog websites, learning about SEO and graphic design, writing, AI, and understanding the concepts of journalism. Intentionally created this website to make the world of cybersecurity more engaging by combining it with journalistic principles and presenting cybersecurity stories that are easy to understand, which can help anyone who wants to develop in the cybersecurity world.\",\"sameAs\":[\"https:\\\/\\\/secry.me\\\/explore\"],\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/author\\\/secry\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"CVE-2023-42793: JetBrains TeamCity Flaw Exposes Code and Pipelines | SECRY","description":"JetBrains TeamCity is a popular continuous integration and continuous delivery (CI\/CD) platform. Developers use it to automate the software development","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/","og_locale":"en_US","og_type":"article","og_title":"CVE-2023-42793: JetBrains TeamCity Flaw Exposes Code and Pipelines | SECRY","og_description":"JetBrains TeamCity is a popular continuous integration and continuous delivery (CI\/CD) platform. Developers use it to automate the software development","og_url":"https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/","og_site_name":"SECRY","article_publisher":"https:\/\/www.facebook.com\/secry.me","article_published_time":"2023-09-26T15:36:15+00:00","article_modified_time":"2023-10-03T11:43:07+00:00","og_image":[{"width":1280,"height":720,"url":"https:\/\/secryweb.sirv.com\/WP_secry.me\/2023\/09\/JetBrains-Vulnerability-CVE-2023-42793.png","type":"image\/png"}],"author":"Christin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Christin","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/#article","isPartOf":{"@id":"https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/"},"author":{"name":"Christin","@id":"https:\/\/secry.me\/explore\/#\/schema\/person\/a0dca9413073b143bfc0db687dd0b0d6"},"headline":"CVE-2023-42793: JetBrains TeamCity Flaw Exposes Code and Pipelines","datePublished":"2023-09-26T15:36:15+00:00","dateModified":"2023-10-03T11:43:07+00:00","mainEntityOfPage":{"@id":"https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/"},"wordCount":519,"commentCount":0,"publisher":{"@id":"https:\/\/secry.me\/explore\/#organization"},"image":{"@id":"https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/#primaryimage"},"thumbnailUrl":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2023\/09\/JetBrains-Vulnerability-CVE-2023-42793.png","keywords":["CVE","Cyber Security","CyberSecurity","Jet Brains","Pipeline","TeamCIty"],"articleSection":["Cyber Security","Hacker News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/","url":"https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/","name":"CVE-2023-42793: JetBrains TeamCity Flaw Exposes Code and Pipelines | SECRY","isPartOf":{"@id":"https:\/\/secry.me\/explore\/#website"},"primaryImageOfPage":{"@id":"https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/#primaryimage"},"image":{"@id":"https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/#primaryimage"},"thumbnailUrl":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2023\/09\/JetBrains-Vulnerability-CVE-2023-42793.png","datePublished":"2023-09-26T15:36:15+00:00","dateModified":"2023-10-03T11:43:07+00:00","description":"JetBrains TeamCity is a popular continuous integration and continuous delivery (CI\/CD) platform. Developers use it to automate the software development","breadcrumb":{"@id":"https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/#primaryimage","url":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2023\/09\/JetBrains-Vulnerability-CVE-2023-42793.png","contentUrl":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2023\/09\/JetBrains-Vulnerability-CVE-2023-42793.png","width":1280,"height":720,"caption":"JetBrains Vulnerability CVE-2023-42793. Source image: BankInfo Security"},{"@type":"BreadcrumbList","@id":"https:\/\/secry.me\/explore\/cve-2023-42793-jetbrains-teamcity-flaw-exposes-code-and-pipelines\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/secry.me\/explore\/"},{"@type":"ListItem","position":2,"name":"CVE-2023-42793: JetBrains TeamCity Flaw Exposes Code and Pipelines"}]},{"@type":"WebSite","@id":"https:\/\/secry.me\/explore\/#website","url":"https:\/\/secry.me\/explore\/","name":"SECRY","description":"#1 Cyber [SEC]urity Sto[RY]  -  News &amp; Bug Bounty Story Collections","publisher":{"@id":"https:\/\/secry.me\/explore\/#organization"},"alternateName":"Security Story","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/secry.me\/explore\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/secry.me\/explore\/#organization","name":"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections","alternateName":"SECRY","url":"https:\/\/secry.me\/explore\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secry.me\/explore\/#\/schema\/logo\/image\/","url":"https:\/\/secryweb.sirv.com\/WP_secry.me\/2022\/06\/cropped-SECRY.webp","contentUrl":"https:\/\/secryweb.sirv.com\/WP_secry.me\/2022\/06\/cropped-SECRY.webp","width":512,"height":512,"caption":"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections"},"image":{"@id":"https:\/\/secry.me\/explore\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/secry.me","https:\/\/pinterest.com\/secry_me"]},{"@type":"Person","@id":"https:\/\/secry.me\/explore\/#\/schema\/person\/a0dca9413073b143bfc0db687dd0b0d6","name":"Christin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g","caption":"Christin"},"description":"A cybersecurity practitioner with more than 5 years of experience in the cybersecurity world. Has an interest in creating simple blog websites, learning about SEO and graphic design, writing, AI, and understanding the concepts of journalism. Intentionally created this website to make the world of cybersecurity more engaging by combining it with journalistic principles and presenting cybersecurity stories that are easy to understand, which can help anyone who wants to develop in the cybersecurity world.","sameAs":["https:\/\/secry.me\/explore"],"url":"https:\/\/secry.me\/explore\/author\/secry\/"}]}},"_links":{"self":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/3373","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/comments?post=3373"}],"version-history":[{"count":13,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/3373\/revisions"}],"predecessor-version":[{"id":3454,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/3373\/revisions\/3454"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/media\/3384"}],"wp:attachment":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/media?parent=3373"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/categories?post=3373"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/tags?post=3373"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}