Free

CVE Series: Authentication Bypass Leading to Remote Code Execution (RCE) in JetBrains TeamCity (CVE-2024-27198)

CVE-2024-27198 is a critical vulnerability in JetBrains TeamCity, a Java-based open-source automation server used for application building. This flaw allows remote, unauthorized attackers to circumvent authentication, thereby gaining admin control over the server. All versions of TeamCity On-Premises up to 2023.11.3 are affected.

1
25
M
Time
Intermediate
difficulty
1
ceu/cpe

Course Content

How To Remediate CVE-2024-27198

15m

CVE-2024-27198 Remediation
Introduction to JetBrains TeamCity FREE

5m

Introduction-CVE-2024-27198 Exploitation
Exploiting the vulnerability

10m

CVE-2024-27198 Exploitation
Lab - Exploiting CVE-2024-27198

30m

CVE-2024-27198 Exploitation
Root Cause Analysis of CVE-2024-27198

10m

Introduction-CVE-2024-27198 Exploitation
Course Description

CVE-2024-27198 is a critical vulnerability in JetBrains TeamCity, a Java-based open-source automation server widely used for application building, testing, and deployment. Rated with a CVSS score of 9.8, this flaw permits remote, unauthorized attackers to circumvent authentication mechanisms, thereby gaining administrative control over the server. Exploiting this vulnerability involves manipulating URL parameters to access authenticated endpoints, allowing the attacker to perform a range of actions, including the addition of administrative users. All versions of TeamCity On-Premises up to 2023.11.3 are affected. The vulnerability's root cause is the inadequate validation and handling of parameters within URL requests, which leads to an authentication bypass. In this course you’ll explore, exploit, and remediate this CVE.

Target Audience

This course is for seasoned red teamers, penetration testers, security and vulnerability assessment analysts, developers, and system administrators who want to know how to exploit and protect against the latest vulnerabilities impacting enterprise systems.

Course Level

Intermediate

Prerequisites

A basic understanding of the Linux command line, networking, and Python.

Helpful Links

  • CVE Entry: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27198 (Official CVE)
  • NIST Entry: https://nvd.nist.gov/vuln/detail/CVE-2024-27198
  • Security Advisory: https://blog.jetbrains.com/teamcity/2024/03/additional-critical-security-issues-affecting-teamcity-on-premises-cve-2024-27198-and-cve-2024-27199-update-to-2023-11-4-now/
  • Rapid7 Blog: https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/
  • Dark Reading: https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive
  • Exploit: https://github.com/W01fh4cker/CVE-2024-27198-RCE https://packetstormsecurity.com/files/177601/JetBrains-TeamCity-Unauthenticated-Remote-Code-Execution.html
  • This course is part of a Career Path:
    No items found.

    Instructed by

    Senior Instructor
    Clint Kehr

    Clint is a technical manager for a financial services company’s Responsible Disclosure Team, where he interacts with ethical hackers who find vulnerabilities in the company’s infrastructure. Clint is a former Special Agent with the Department of Justice where he specialized in internet investigations and conducted numerous cases on cyber threat actors on the surface, deep, and dark web, resulting in Clint earning the Attorney General’s Distinguished Service Award. Clint has trained over 1,000 law enforcement officers, prosecutors, and civilians on the dark web and dark market websites. Clint has a master’s degree in intelligence studies from American Military University where he graduated with honors and also has a master’s degree in Information Technology from Carnegie Mellon University where he graduated with highest distinction. As a former Navy Reserve Officer, Clint served in many roles, such as a division officer and department head for commands in the information warfare community.

    Provider
    Cybrary Logo
    Certification Body
    Certificate of Completion

    Complete this entire course to earn a CVE Series: Authentication Bypass Leading to Remote Code Execution (RCE) in JetBrains TeamCity (CVE-2024-27198) Certificate of Completion