CVE-2025-67740
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-12-11
Last updated on: 2025-12-15
Assigner: JetBrains s.r.o.
Description
Description
In JetBrains TeamCity before 2025.11 improper access control could expose GitHub App token's metadata
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| jetbrains | teamcity | to 2025.11 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-863 | The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in JetBrains TeamCity versions before 2025.11 involves improper access control that could expose metadata related to GitHub App tokens.
How can this vulnerability impact me? :
The vulnerability could lead to unauthorized exposure of GitHub App token metadata, potentially allowing attackers to gain information that might be used to compromise integrations or access controls, though the impact is limited to confidentiality with no integrity or availability impact.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70