Summary
JetBrains released security updates for 16 vulnerabilities across its on-premise ecosystem, including critical authentication bypass and remote code execution flaws in Hub, YouTrack, and TeamCity. These vulnerabilities allow attackers to hijack administrative accounts and compromise development environments/
Take Action:
If you run any on-premise JetBrains servers (Hub, YouTrack, TeamCity, or IntelliJ-based IDEs), update every one of them to the fixed versions. There are multiple critical flaws which will be exploited very soon. After updating TeamCity, rotate all your build tokens and credentials to lock out anyone who may have already gotten in.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)