CVE-2023-42793 Vulnerability
Hi
I have installed CVE-2023-42793-fix-recent-versions last Oct as I can't upgrade our teamcity to latest version.
I saw the new warnings that this plugin has been exploited. Is there any new plugin to fix the issue so I can install it until , we get our systems ready for upgrade?
I really appreciate any help and advice.
Thank you very much
Kati
Please sign in to leave a comment.
Hi, where do you see these warnings?
Hi
On your website, I saw this
On December 13, 2023 the Cybersecurity & Infrastructure Security Agency of the U.S. Department of Homeland Security (CISA) released a public advisory, in which they shared new ways in which this vulnerability (CVE-2023-42793) has been exploited by Russian nation-state threat actors as of September 2023.
Last October, I installed ‘CVE-2023-42793-fix-recent-versions’ because I could not upgarde our teamcity.
We have version 2022.04.10 and I need to upgrade some other softwares before I upgrade Teamcity to 2023.05.
I just need to know, is there any new plugin to fix the vulnerability?
Thank you
Kati
Hi Kati,
It's the same vulnerability, not a new one, so if you installed the patch plugin, then your TeamCity installation is safe and you don't need to upgrade.
Thank you very much for clarification.
I am planning to upgrade Teamcity to 2023.05.04 version.
I have
DotNet3.4, 4.5 and 4.6
Git 2.42
Jreg 8
Nodjs 18.8
Should I upgrade any of this before upgrading Teamcity to 2023.05.04 or is it safe if I upgrade Teamcity and then upgrade these later?
Thank you
Kati
It should be safe to update TeamCity, please go ahead and ask any questions you may have
Thank you very much
Hi Dmitry
I upgraded teamcity to 2023.05.4 yesterday. Thank you for your help.
I have Jre8.0.341 on 3 TC agents.
I want to upgrade it to version 11. I am new in this area so I really appreciate if you you help me to correct direction.
I need to know what is the version 11. Is there any Jre11? Where can I download it? Any URL? My server is 64bit.
Is there anything, I should be aware before installing version 11 of JRe?
Thank you very much
Kati
Hi Kati,
Please read the following documentation https://www.jetbrains.com/help/teamcity/configure-java-for-agent.html, it describes how to install java on the agents
Good morning
I received an email about the security vulnerabilities.
We have Teamcity, on-premises 2023.05.
Recently, I installed the plugin security_patch_2024_02. I checked your website and I don't see any newer plugin.
Is there any new plugin that I have to install or I MUST upgrade our teamcity to 2023.11.
I really appreciate your help and advice.
Thank you
Kati
Any answer please?
Hi, please upgrade to 2023.05.5 release, more details are in the blog post we published https://blog.jetbrains.com/teamcity/2024/05/teamcity-major-bug-fix-release-for-all-versions/