Multiple vulnerabilities in JetBrains TeamCity



Published: 2019-11-04
Risk High
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2019-18365
CVE-2019-18364
CWE-ID CWE-1022
CWE-502
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		TeamCity
Web applications / CRM systems

Vendor JetBrains s.r.o.

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Reverse Tabnabbing

EUVDB-ID: #VU22502

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-18365

CWE-ID: CWE-1022 - Use of Web Link to Untrusted Target with window.opener Access

Exploit availability: No

Description

The vulnerability allows a remote attacker to modify certain properties on the affected system.

The vulnerability exist due to Reverse Tabnabbing on several pages. A remote attacker can modify the location property to automatically redirect the user to a malicious site.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

TeamCity: 3.1 - 2019.1.3

External links

http://blog.jetbrains.com/blog/2019/10/29/jetbrains-security-bulletin-q3-2019/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Deserialization of Untrusted Data

EUVDB-ID: #VU22501

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-18364

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

TeamCity: 3.1 - 2019.1.3

External links

http://blog.jetbrains.com/blog/2019/10/29/jetbrains-security-bulletin-q3-2019/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###