CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-24460: In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in the agent pool

4.3 CVSS

Description

In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in the agent pool

Classification

CVE ID: CVE-2025-24460

CVSS Base Severity: MEDIUM

CVSS Base Score: 4.3

Affected Products

Vendor: JetBrains

Product: TeamCity

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 16.46% (scored less or equal to compared to others)

EPSS Date: 2025-02-19 (when was this score calculated)

References

https://www.jetbrains.com/privacy-security/issues-fixed/

Timeline