\u901a\u5e38\u8cc7\u5b89\u696d\u8005\u53ca\u8edf\u9ad4\u516c\u53f8\u91dd\u5c0d\u5b89\u5168\u6f0f\u6d1e\u7684\u65b0\u805e\u5728\u6b64\u544a\u4e00\u6bb5\u843d\uff0c\u4f46Rapid7\u537b\u5c0dJetBrains\u6f0f\u6d1e\u4fee\u88dc\u672a\u544a\u77e5\u611f\u5230\u4e0d\u6eff\u3002\u96d9\u65b9\u57282\u6708\u4e2d\u9996\u6b21\u53d6\u5f97\u806f\u7e6b\uff0c2\u670820\u65e5Rapid7\u63d0\u4f9b\u4e8c\u9805\u6f0f\u6d1e\u7684\u6280\u8853\u7d30\u7bc0\uff0c\u4e5f\u63d0\u53ca\u300c\u5354\u540c\u63ed\u9732\u300d\uff08coordinated disclosure\uff09\u7684\u91cd\u8981\u6027\uff0c\u8981\u6c42JetBrains\u63d0\u4f9b\u4fee\u88dc\u6642\u7a0b\u3001\u7de9\u89e3\u65b9\u6cd5\u53ca\u5f71\u97ff\u7684\u8edf\u9ad4\u7248\u672c\u7b49\u8cc7\u8a0a\u3002\u4f46JetBrains\u53cd\u5012\u5efa\u8b70\u5148\u6697\u4e2d\u4fee\u88dc\u518d\u516c\u958b\u6f0f\u6d1e\u8cc7\u8a0a\uff0c\u9019\u6642Rapid7\u8b66\u544a\u672a\u544a\u77e5\u4fee\u88dc\u662f\u6240\u8b02\u300c\u975c\u9ed8\u4fee\u88dc\u300d\uff08silent patching\uff09\u884c\u70ba\uff0c\u9055\u53cd\u5176\u653f\u7b56\u3002<\/p>\n\n\n\n
Rapid7\u7684\u975c\u9ed8\u4fee\u88dc\u662f\u6307\uff0c\u8edf\u9ad4\u696d\u8005\u5c0d\u8cc7\u5b89\u5ee0\u5546\u901a\u5831\u7684\u6f0f\u6d1e\uff0c\u5728\u795e\u4e0d\u77e5\u9b3c\u4e0d\u89ba\u60c5\u6cc1\u4e0b\u4fee\u88dc\u8d77\u4f86\u3002\u4e0d\u516c\u958b\u6b78\u529f\u65bc\u8cc7\u5b89\u7814\u7a76\u4eba\u54e1\uff0c\u96b1\u85cf\u6f0f\u6d1e\u6280\u8853\u7d30\u7bc0\u3001\u653b\u64ca\u624b\u6cd5\u3001\u4e5f\u4e0d\u767c\u5e03\u6f0f\u6d1e\u7de8\u865f\uff0c\u8a8d\u70ba\u6108\u5c11\u4eba\u77e5\u9053\u5c0d\u7528\u6236\u6108\u5b89\u5168\u3002\u4f46Rapid7\u6307\u51fa\uff0c\u9019\u7a2e\u4f5c\u6cd5\u53ea\u6703\u8b93\u5c11\u90e8\u4efd\u653b\u64ca\u8005\u548c\u60e1\u610f\u4eba\u58eb\u7368\u64c1\u653b\u64ca\u624b\u6cd5\u53ca\u9632\u885b\u77e5\u8b58\uff0c\u53cd\u800c\u9677\u5927\u773e\u65bc\u96aa\u5883\u3002<\/p>\n\n\n\n
\u5728\u96d9\u65b9\u6e9d\u901a\u672a\u679c\u5f8c\uff0c3\u67084\u65e5Rapid7\u767c\u73feJetBrains\u5df2\u767c\u51fa\u5b89\u5168\u516c\u544a\u767c\u5e03\u8edf\u9ad4\u66f4\u65b0\u7248\u672c\uff0c\u5373\u5df2\u5728\u672a\u544a\u77e5\u60c5\u6cc1\u4e0b\u4fee\u88dc\u4e86\u6f0f\u6d1e\u3002Rapid7\u6307\u63a7JetBrains\u7684\u975c\u9ed8\u4fee\u88dc\u884c\u70ba\uff0c\u63da\u8a00\u5c07\u572824\u5c0f\u6642\u5167\u516c\u5e03\u6f0f\u6d1e\u7d30\u7bc0\u3002\u7576\u5929Rapid7\u65bc\u662f\u516c\u5e03\u4e86\u6f0f\u6d1e\u6280\u8853\u7d30\u7bc0\u3002\u540c\u4e00\u5929JetBrains\u6b63\u5f0f\u767c\u5e03\u65b0\u7684\u5b89\u5168\u516c\u544a\uff0c\u5305\u62ec\u6f0f\u6d1e\u7de8\u865f\u53ca\u767c\u5e03\u8aaa\u660e\u3002<\/p>\n\n\n
![\"\"](\"https:\/\/i0.wp.com\/s4.itho.me\/sites\/default\/files\/images\/0306-TeamCity-CVE-Rapid%207.jpg?w=640&ssl=1\")
<\/a><\/figure>\n<\/div>\n\n\n\u53e6\u4e00\u5bb6\u8cc7\u5b89\u696d\u8005Shadowserver\u5075\u6e2c\u5230\uff0c\u5df2\u7d93\u6709\u91dd\u5c0dTeamCity CVE-2024-27198\u6f0f\u6d1e\u7684\u6feb\u7528\u7a0b\u5f0f\uff0c\u76ee\u524d\u5df2\u6383\u7784\u523016\u500b\u4f86\u6e90IP\u4f4d\u5740\u3002<\/p>\n\n\n\n
JetBrains\u8868\u793a\uff0c\u516c\u53f8\u653f\u7b56\u4e00\u822c\u4fdd\u7559\u4e0d\u516c\u958b\u6280\u8853\u7d30\u7bc0\uff0c\u8b93\u5ba2\u6236\u6709\u6642\u9593\u90e8\u7f72\u9632\u8b77\u3002\u8a72\u516c\u53f8\u63d0\u4f9b2\u9805\u65b9\u6848\uff0c\u4e00\u662f\u5347\u7d1aTeamCity\u4f3a\u670d\u5668\u52302023.11.4\u7248\u672c\uff0c\u4e8c\u662f\u4fee\u88dc\u7a0b\u5f0f\u5916\u639b\uff0c\u4f9b\u4f86\u4e0d\u53ca\u5b89\u88dd\u4fee\u88dc\u7a0b\u5f0f\u7684\u7528\u6236\u5b89\u88dd\u3002<\/p>\n\n\n
![\"\"](\"https:\/\/i0.wp.com\/s4.itho.me\/sites\/default\/files\/images\/0306-TeamCity-CVE-600.jpg?w=640&ssl=1\")
<\/a><\/figure>\n<\/div>\n\n\n