Platform
teamcity
Component
teamcity
Fixed in
2025.07
CVE-2025-54529 describes a Cross-Site Request Forgery (CSRF) vulnerability discovered in JetBrains TeamCity. This flaw allows an attacker to potentially trigger unauthorized actions within the external OAuth login integration process. The vulnerability affects TeamCity versions prior to 2025.07, and a patch is available in version 2025.07.
The impact of this CSRF vulnerability lies in its potential to allow an attacker to impersonate a legitimate user and perform actions on their behalf within the TeamCity environment. Specifically, an attacker could leverage this flaw to modify user settings, create or delete projects, or perform other administrative tasks, all without the user's knowledge or consent. The scope of potential damage depends on the privileges of the user whose session is being hijacked. While the CVSS score is LOW, successful exploitation could still compromise sensitive data or disrupt TeamCity operations.
This vulnerability was publicly disclosed on 2025-07-28. No public proof-of-concept (POC) code has been released at the time of writing. The vulnerability is not currently listed on the CISA KEV catalog. Given the relatively low CVSS score and lack of public exploits, the probability of active exploitation is currently considered low.
Organizations running JetBrains TeamCity with external OAuth login integrations are at risk. This includes teams relying on OAuth for authentication with third-party services, particularly those with legacy TeamCity configurations or those who have not recently updated their TeamCity instance.
• java / server:
ps -ef | grep TeamCity
• java / server:
journalctl -u teamcity-server | grep -i "oauth"
• generic web:
curl -I https://teamcity.example.com/oauth/authorize
• generic web:
grep -r "oauth_token" /var/log/apache2/access.log
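The checks above tell you whether TeamCity is running and whether OAuth is in use; the decisive question for this CVE is whether each instance is still below the fixed release 2025.07. The script below is an added example, not part of the advisory or of JetBrains' tooling: it compares TeamCity's dotted numeric version strings (e.g. 2024.12.3) against 2025.07 and counts affected hosts in a constructed inventory. The host names and versions in the inventory are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): flag TeamCity instances whose
# version sorts before the fixed release named in the advisory.
FIXED_VERSION="2025.07"

# version_lt A B: return 0 (true) if A < B, comparing each dotted field
# numerically. Missing trailing fields count as 0, so 2025.07 < 2025.07.1.
# Assumes purely numeric dotted versions (TeamCity's YYYY.MM[.patch] form).
version_lt() {
    vl_a="$1"; vl_b="$2"
    while [ -n "$vl_a" ] || [ -n "$vl_b" ]; do
        ax="${vl_a%%.*}"; bx="${vl_b%%.*}"
        case "$vl_a" in *.*) vl_a="${vl_a#*.}";; *) vl_a="";; esac
        case "$vl_b" in *.*) vl_b="${vl_b#*.}";; *) vl_b="";; esac
        ax="${ax:-0}"; bx="${bx:-0}"
        # test(1) compares in base 10, so "07" and "09" are handled correctly
        if [ "$ax" -lt "$bx" ]; then return 0; fi
        if [ "$ax" -gt "$bx" ]; then return 1; fi
    done
    return 1
}

# teamcity_vulnerable VERSION: true if the version predates the fix.
teamcity_vulnerable() {
    version_lt "$1" "$FIXED_VERSION"
}

# Constructed inventory: "<host> <teamcity version>" per line (hypothetical hosts).
INVENTORY='build01 2024.12.3
build02 2025.07
build03 2025.03.2
build04 2025.07.1'

# count_vulnerable: print affected hosts to stderr, echo the count to stdout.
count_vulnerable() {
    n=0
    while read -r host ver; do
        [ -n "$host" ] || continue
        if teamcity_vulnerable "$ver"; then
            echo "VULNERABLE: $host runs $ver (fixed in $FIXED_VERSION)" >&2
            n=$((n + 1))
        fi
    done <<EOF
$INVENTORY
EOF
    echo "$n"
}
```

Feed `count_vulnerable` a real inventory (host and version per line) to get the list of instances that still need the 2025.07 upgrade.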
Exploit status
EPSS
0.00% (0th percentile)
The primary mitigation for CVE-2025-54529 is to upgrade TeamCity to version 2025.07 or later, which includes the fix for this vulnerability. If immediate upgrading is not possible, consider implementing stricter OAuth configuration policies to limit the scope of actions that can be performed through the integration. Additionally, implement robust input validation and output encoding practices to prevent CSRF attacks in general. Review TeamCity's OAuth integration settings and ensure they adhere to security best practices.
Update TeamCity to version 2025.07 or later. This fixes the CSRF vulnerability in the external OAuth login integration. Consult the JetBrains website for instructions on updating TeamCity.
CVE-2025-54529 is a Cross-Site Request Forgery (CSRF) vulnerability affecting JetBrains TeamCity versions before 2025.07, allowing attackers to trigger unauthorized actions within the OAuth login flow.
If you are using a JetBrains TeamCity version prior to 2025.07 and have external OAuth login integrations enabled, you are potentially affected by this vulnerability.
Upgrade JetBrains TeamCity to version 2025.07 or later to remediate the vulnerability. Consider temporary workarounds like stricter input validation if immediate upgrade is not possible.
As of the current disclosure date, there are no confirmed reports of active exploitation, but organizations should still prioritize patching to mitigate the risk.
Refer to the official JetBrains security advisory for CVE-2025-54529 on the JetBrains website for detailed information and updates.