We installed TeamCity Server back in 2017, Version 2017.2.2 (build 50909), and have run updates on the Administrator/Update screen to update to the current version, 2023.05.4 (build 129421), which we are running now. I know that there are some files that are not updated by running the update through the TeamCity server.
When the patch for CVE-2023-42793 was released we ran the TeamCity Server update as we've always done and thought that we had fixed the vulnerability.
Lately our security office through their scanning has notified us that we still have a vulnerable version of the TeamCity software. This is the finding that we were sent.
Is there a way to fix this security problem?