JetBrains Patches Critical Flaws That Could Allow Full Server Compromise

Attackers can chain authentication bypass flaws with remote code execution vulnerabilities across JetBrains Hub, YouTrack, TeamCity, and IDEs to take over development environments.

CSBadmin

Identity and Access Vulnerabilities

JetBrains has released security updates addressing a series of critical vulnerabilities in its on-premises products. The most severe flaws are in JetBrains Hub and YouTrack, which serve as central identity management and project tracking systems. In Hub, a critical bug allows account takeover through predictable restore codes, enabling attackers to guess recovery tokens and hijack user accounts. Another Hub flaw lets attackers escalate privileges by attaching authentication details from other accounts to their own profile. Additionally, multiple Hub vulnerabilities enable authentication bypass through direct database access, granting full administrative capabilities without valid credentials. YouTrack also suffers from a critical authentication bypass tied to direct database access, allowing an attacker to gain administrative control over the issue tracking system.
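A hardened counterpart to the predictable restore codes described above, as an added example that is not JetBrains code. The page does not say how Hub generates its codes, so the class name `RestoreCodes`, the 15-minute lifetime and the five-attempt limit are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL_SECONDS = 15 * 60   # assumed validity window
MAX_ATTEMPTS = 5             # assumed guess budget per issued code


class RestoreCodes:
    """In-memory store for illustration; a real service would persist this."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._records = {}  # user -> [sha256(code), expires_at, failed_attempts]

    def issue(self, user):
        # 32 bytes from the OS CSPRNG: not derived from time, counters or user data.
        code = secrets.token_urlsafe(32)
        digest = hashlib.sha256(code.encode()).digest()
        # Issuing a new code replaces (invalidates) any earlier one.
        self._records[user] = [digest, self._clock() + CODE_TTL_SECONDS, 0]
        return code  # delivered out of band; only the hash is stored

    def redeem(self, user, presented):
        record = self._records.get(user)
        if record is None:
            return False
        digest, expires_at, failed = record
        if self._clock() > expires_at or failed >= MAX_ATTEMPTS:
            del self._records[user]  # expired or guess budget used up
            return False
        candidate = hashlib.sha256(presented.encode()).digest()
        if hmac.compare_digest(candidate, digest):  # constant-time comparison
            del self._records[user]  # single use
            return True
        record[2] = failed + 1
        return False
```

Storing only the hash means a read of the backing table does not expose usable codes, and the attempt cap bounds online guessing regardless of code length.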

Code Execution and Supply Chain Risks

Beyond the identity layer, JetBrains has fixed several execution-level vulnerabilities that can be chained with compromised accounts. Kotlin is affected by unsafe deserialization in build cache metadata, allowing arbitrary code execution during builds. GoLand contains a remote code execution flaw rooted in untrusted project configuration, exploitable simply by opening a malicious project. IntelliJ IDEA suffers from command injection through filename completion and command execution via the guest user account. A TeamCity flaw enables remote code execution through Perforce connection settings, posing a significant software supply chain risk. An attacker who first abuses an authentication bypass in Hub or YouTrack and then leverages an RCE primitive in TeamCity or an IDE can pivot from a single foothold to full control over builds, artifacts, and deployments. Administrators should prioritize upgrading Hub and YouTrack, restrict database access, enforce strong authentication, and audit logs for anomalous activity.

Source: Cyber Security News
