LOW · CVE-2025-54529 · CVSS 3.7

In JetBrains TeamCity before 2025.07, CSRF was possible in the external OAuth login integration

Platform

teamcity

Component

teamcity

Fixed in

2025.07

AI Confidence: high · NVD · EPSS 0.0% · Reviewed: May 2026

CVE-2025-54529 is a Cross-Site Request Forgery (CSRF) vulnerability in JetBrains TeamCity. It lets an attacker trigger unauthorized actions within the external OAuth login integration on behalf of a user. All TeamCity versions before 2025.07 are affected; the fix ships in version 2025.07.

Impact and Attack Scenarios

The CSRF flaw lets an attacker craft a request that appears to come from a legitimate user. If a user is signed in to TeamCity and visits an attacker-controlled page or URL, the attacker can drive a step of the external OAuth login flow in the victim's browser without the victim's knowledge or consent. Typical consequences of CSRF in an OAuth login flow are binding an attacker-controlled external identity to the victim's account or logging the victim into a session the attacker controls, which can lead to account compromise or unauthorized data access depending on the permissions the OAuth integration carries. The severity is rated low because user interaction is required and the flaw is confined to the OAuth login flow (CVSS C:L/I:L).

Exploitation Context

This vulnerability was publicly disclosed on 2025-07-28. No public proof-of-concept exploit is known, and the vulnerability is not listed in the CISA KEV catalog at the time of writing. The EPSS score of 0.00% indicates a very low observed likelihood of exploitation, and the low CVSS score reflects the limited impact; patching is still the only way to remove the risk entirely.

Who Is at Risk

Organizations running JetBrains TeamCity before 2025.07 with an external OAuth login integration enabled are at risk. This covers teams that sign in to TeamCity through a third-party identity provider, in particular those with long-lived configurations or instances that have not been updated recently.

Detection Steps

• java / server: confirm a TeamCity server process is running and note its installation directory (TEAMCITY_HOME) from the process arguments:

ps -ef | grep -i '[t]eamcity'

• java / server: read the server version over the REST API; a patched server reports 2025.07 or later (TC_TOKEN is a placeholder for an access token with at least view permissions):

curl -s -H "Authorization: Bearer $TC_TOKEN" https://teamcity.example.com/app/rest/server/version

• java / server: list the configured authentication modules in the TeamCity Data Directory (TEAMCITY_DATA_PATH) and check whether an external OAuth login module is among them (the same list is shown under Administration > Authentication):

grep -i "module" "$TEAMCITY_DATA_PATH/config/auth-config.xml"

• java / server: review authentication events related to the OAuth login flow in the server's authentication log:

grep -i oauth "$TEAMCITY_HOME/logs/teamcity-auth.log"

• generic web: if a reverse proxy fronts TeamCity, list requests to OAuth-related paths and check that their Referer belongs to your own TeamCity or identity-provider host rather than a third-party site:

grep -i oauth /var/log/apache2/access.log
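The version string returned by /app/rest/server/version looks like "2025.03 (build 174331)". The following Python helper is an added example, not part of this page, of TeamCity or of JetBrains' tooling; it parses such strings and compares them numerically against the fixed release, which avoids the classic mistake of comparing "2025.7" and "2025.12" as text. The hostnames and build numbers in the sample fleet are constructed.

```python
import re
from typing import Dict, Optional, Tuple

# CVE-2025-54529 is fixed in TeamCity 2025.07; anything numerically earlier is affected.
FIXED_VERSION: Tuple[int, int] = (2025, 7)

# Matches the leading "<year>.<minor>[.<patch>]" of strings such as
# "2025.03 (build 174331)" or "2024.12.2".
_VERSION_RE = re.compile(r"^\s*(\d{4})\.(\d{1,2})(?:\.(\d+))?")


def parse_teamcity_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Turn the version string from /app/rest/server/version into numeric
    (year, minor, patch). Returns None when the text is not a version
    (for example an HTML error page or the word 'Unauthorized')."""
    m = _VERSION_RE.match(text)
    if m is None:
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def is_affected(version_text: str) -> Optional[bool]:
    """True if the server runs a version before 2025.07, False if it runs
    2025.07 or later, None if the text could not be parsed. The comparison is
    numeric on purpose: compared as strings, "2025.12" sorts before "2025.7"
    and would be misclassified as affected."""
    parsed = parse_teamcity_version(version_text)
    if parsed is None:
        return None
    return parsed[:2] < FIXED_VERSION


def triage(version_strings: Dict[str, str]) -> Dict[str, Optional[bool]]:
    """Map host -> affected? for a fleet of servers whose version strings
    were collected (e.g. with the curl command above)."""
    return {host: is_affected(v) for host, v in version_strings.items()}


# Constructed sample responses (hostnames and build numbers are made up).
SAMPLE_FLEET: Dict[str, str] = {
    "ci-old.example.test": "2024.12.2 (build 174399)",
    "ci-spring.example.test": "2025.03 (build 174331)",
    "ci-patched.example.test": "2025.07 (build 181201)",
    "ci-hotfix.example.test": "2025.07.1 (build 181250)",
    "ci-later.example.test": "2025.12 (build 190000)",
    "ci-unknown.example.test": "Unauthorized",
}

if __name__ == "__main__":
    for host, affected in triage(SAMPLE_FLEET).items():
        status = {True: "AFFECTED", False: "patched", None: "unknown"}[affected]
        print(f"{host:28} {status}")
```

Feed it the raw body of the REST response; an unparseable body (authentication failure, proxy error page) is reported as unknown rather than silently counted as patched.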

Attack Timeline

  1. Disclosure (2025-07-28)

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: No
Internet Exposure: High

EPSS

0.00% (0th percentile)

CISA SSVC

Exploitation: none
Automatable: no
Technical Impact: partial

CVSS Vector

THREAT INTELLIGENCE · CVSS 3.1

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N → 3.7 LOW

Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: None

CVSS v3.1 Base Score (nextguardhq.com)
What do these metrics mean?
Attack Vector
Network: exploitable remotely over the internet; no physical or local access needed.
Attack Complexity
High: requires a race condition, a non-default configuration or other specific circumstances.
Privileges Required
Low: any valid user account is sufficient.
User Interaction
Required: the victim must open a file, click a link or visit a page.
Scope
Unchanged: impact is limited to the vulnerable component.
Confidentiality
Low: partial or indirect access to some data.
Integrity
Low: the attacker can modify some data with limited reach.
Availability
None: no impact on availability.

Affected Software

Component: teamcity
Vendor: JetBrains
Affected range: all versions before 2025.07
Fixed in: 2025.07

Weakness Classification (CWE)

CWE-352: Cross-Site Request Forgery (CSRF)

Timeline

  1. Reserved
  2. Published
  3. EPSS updated

Mitigation and Workarounds

The primary mitigation for CVE-2025-54529 is to upgrade TeamCity to version 2025.07 or later, which contains the fix. The CSRF protection for the login flow (for example, binding the OAuth `state` parameter to the browser session so that a callback forged by another party is rejected) has to live inside TeamCity itself; operators cannot add it from outside, and input validation or output encoding do not address CSRF at all. If you cannot upgrade immediately, reduce exposure instead: disable the external OAuth login module under Administration > Authentication until the upgrade, keep the server UI off the public internet (VPN or an allow-listed reverse proxy), and review the OAuth connections and the scopes granted to them so that a compromised login grants as little as possible. After upgrading, confirm that the server reports 2025.07 or later (UI footer or /app/rest/server/version) and, on a test instance, that an OAuth login callback presented without the session's own state value is rejected.
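The login-CSRF scenario from the Impact section and the `state`-binding protection mentioned above, shown as an added illustration in Python. This is neither TeamCity's code nor JetBrains' fix: the identity provider, URLs, authorization codes and session store are constructed stand-ins, and the two handlers are a generic OAuth login callback before and after CSRF hardening, not the TeamCity endpoint.

```python
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, Optional
from urllib.parse import parse_qs, urlparse

# Constructed sample data: the external identity provider (IdP) maps one-time
# authorization codes to accounts. A real integration exchanges the code with
# the IdP over HTTPS; here a dict stands in for that call.
PROVIDER_CODES: Dict[str, str] = {
    "code-attacker-123": "attacker@example.org",
    "code-victim-456": "victim@example.org",
}


@dataclass
class Session:
    """Minimal server-side browser session for the CI server (hypothetical)."""
    user: Optional[str] = None         # set when login completes
    oauth_state: Optional[str] = None  # pending login nonce, None when idle


def start_login(session: Session) -> str:
    """Step 1 of the login flow: mint an unguessable `state` nonce, store it in
    the browser session and send the user to the IdP with it. URLs are made up."""
    session.oauth_state = secrets.token_urlsafe(32)
    return ("https://idp.example.test/authorize?client_id=ci-server"
            "&redirect_uri=https%3A%2F%2Fci.example.test%2Flogin%2Fcallback"
            f"&state={session.oauth_state}")


def _query(callback_url: str) -> Dict[str, str]:
    """First value of each query parameter on the callback URL."""
    return {k: v[0] for k, v in parse_qs(urlparse(callback_url).query).items()}


def vulnerable_callback(session: Session, callback_url: str) -> Optional[str]:
    """Before: completes the login for whatever `code` arrives. An attacker who
    starts their own login and captures the IdP redirect can make the victim's
    browser load that URL (login CSRF); the victim's session is then logged in
    as the attacker's external identity."""
    user = PROVIDER_CODES.get(_query(callback_url).get("code", ""))
    if user is None:
        return None
    session.user = user
    return user


def hardened_callback(session: Session, callback_url: str) -> Optional[str]:
    """After: accept the callback only if its `state` equals the nonce this very
    session minted in start_login(). The nonce is consumed before the check so
    it is single-use, and the comparison is constant-time."""
    params = _query(callback_url)
    expected, session.oauth_state = session.oauth_state, None
    presented = params.get("state", "")
    if not expected or not hmac.compare_digest(expected.encode(), presented.encode()):
        return None  # forged, replayed or cross-session callback
    user = PROVIDER_CODES.get(params.get("code", ""))
    if user is None:
        return None
    session.user = user
    return user


def demo() -> Dict[str, Optional[str]]:
    """Plays the login-CSRF scenario against both handlers and returns who each
    victim session ended up logged in as (None means the login was rejected)."""
    # The attacker starts a login with their own IdP account and keeps the
    # callback URL the IdP redirects to instead of following it.
    attacker = Session()
    start_login(attacker)
    forged = ("https://ci.example.test/login/callback"
              f"?code=code-attacker-123&state={attacker.oauth_state}")

    victim_a = Session()  # unpatched server; browser is made to load `forged`
    start_login(victim_a)
    victim_b = Session()  # hardened server; same forged URL
    start_login(victim_b)
    victim_c = Session()  # hardened server; legitimate flow with its own state
    start_login(victim_c)
    legit = ("https://ci.example.test/login/callback"
             f"?code=code-victim-456&state={victim_c.oauth_state}")

    return {
        "vulnerable_forged": vulnerable_callback(victim_a, forged),
        "hardened_forged": hardened_callback(victim_b, forged),
        "hardened_legit": hardened_callback(victim_c, legit),
        "hardened_replay": hardened_callback(victim_c, legit),  # nonce consumed
    }


if __name__ == "__main__":
    for scenario, outcome in demo().items():
        print(f"{scenario:18} -> {outcome}")
```

The vulnerable handler logs the victim into the attacker's identity; the hardened one rejects the forged callback because the `state` was minted by a different session, and rejects a replay of a legitimate callback because the nonce was consumed on first use. Binding `state` to the session is the OAuth-level equivalent of a synchronizer token.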

How to fix

Upgrade TeamCity to version 2025.07 or later; this resolves the CSRF vulnerability in the external OAuth login integration. See the JetBrains website for instructions on upgrading TeamCity.


Frequently Asked Questions

What is CVE-2025-54529 — CSRF in JetBrains TeamCity?

CVE-2025-54529 is a Cross-Site Request Forgery (CSRF) vulnerability affecting JetBrains TeamCity versions before 2025.07, allowing attackers to trigger unauthorized actions within the OAuth login flow.

Am I affected by CVE-2025-54529 in JetBrains TeamCity?

If you run any JetBrains TeamCity version before 2025.07 with an external OAuth login integration enabled, you are potentially affected by this vulnerability.

How do I fix CVE-2025-54529 in JetBrains TeamCity?

Upgrade JetBrains TeamCity to version 2025.07 or later to remediate the vulnerability. If you cannot upgrade immediately, disable the external OAuth login module or restrict access to the server until you can; there is no configuration-level fix for the CSRF itself.

Is CVE-2025-54529 being actively exploited?

As of the current disclosure date, there are no confirmed reports of active exploitation, but organizations should still prioritize patching to mitigate the risk.

Where can I find the official JetBrains advisory for CVE-2025-54529?

Refer to the official JetBrains security advisory for CVE-2025-54529 on the JetBrains website for detailed information and updates.
