Two critical security vulnerabilities discovered by Rapid7 could allow an attacker to gain administrative control of TeamCity On-Premises servers. Credit: do not use JetBrains has released fixes for two critical security vulnerabilities in its TeamCity On-Premises CI/CD system discovered by cybersecurity company Rapid7. The two vulnerabilities reported in late-February by Rapid7 would enable an authenticated attacker with HTTP(S) access to a TeamCity On-Premises server to bypass authentication checks and gain administrative control. These vulnerabilities affected all TeamCity On-Premises versions through 2023.11.3, but have been fixed in TeamCity On-Premises 2023.11.4. For users unable to update their server to version 2023.11.4, JetBrains also released a security patch plugin. JetBrains urges TeamCity On-Premises customers to update to 2023.11.4 now or install the security patch immediately. Related content how-to Docker tutorial: Get started with Docker volumes Learn the ins, outs, and limits of Docker's native technology for integrating containers with local file systems. By Serdar Yegulalp Nov 13, 2024 8 mins Devops Cloud Computing Software Development news WSO2 API managers manage AI APIs WSO2 API Manager and WSO2 API Platform for Kubernetes now allow developers to manage AI services as APIs, with support for OpenAI, Mistral A,I and Microsoft Azure OpenAI. By Paul Krill Nov 05, 2024 3 mins Generative AI APIs Devops analysis Agile and devops for SaaS and low-code development Software as a service and low-code platforms can make some aspects of agile and devops easier, but not without adjustments. Here's how to modify your team's best practices for SaaS and low-code environments. By Isaac Sacolick Oct 22, 2024 9 mins Agile Development SaaS Devops feature 6 ways to apply automation in devsecops Automation should serve as a foundational principle for approaching every security challenge. Here’s how automation can help you secure software development processes. By Shashank Srivastava Sep 30, 2024 9 mins DevSecOps CI/CD Application Security Resources Videos