The text discusses two authentication bypass vulnerabilities affecting TeamCity On-Premises - CVE-2024-27198 (critical severity) and CVE-2024-27199 (high severity). These vulnerabilities allow attackers to gain complete control over the server, create new admin accounts, exploit path traversals to leak information or modify settings, execute denial-of-service attacks, and more. The vulnerabilities affected over 2,000 TeamCity servers, with evidence of exploitation in the wild
Mitigation strategies include updating to the latest version (2023.11.4) or using a security patch plugin provided by JetBrains to address the vulnerabilities across different TeamCity versions. ```https://cybersecuritynews.com/teamcity-authentication-bypass-vulnerabilities/