CVE-2025-54529: CSRF Vulnerability in JetBrains TeamCity OAuth Integration

This post details a Cross-Site Request Forgery (CSRF) vulnerability, CVE-2025-54529, found in JetBrains TeamCity before version 2025.07. This flaw affects the external OAuth login integration, potentially allowing attackers to perform actions on behalf of authenticated users.

Vulnerability Details

  • CVE ID: CVE-2025-54529
  • Description: A Cross-Site Request Forgery (CSRF) vulnerability exists in JetBrains TeamCity before version 2025.07. This vulnerability affects the external OAuth login integration, potentially allowing an attacker to trick a user into performing actions they did not intend to.
  • CVSS Score: 3.7 (Low)
  • CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
  • CVSS Explanation:
    • AV:N (Network): The vulnerability is exploitable over the network.
    • AC:H (High): Exploitation requires specific conditions to exist, making it less readily exploitable.
    • PR:L (Low): An attacker requires low privileges to exploit the vulnerability.
    • UI:R (Required): User interaction is required to trigger the vulnerability (e.g., clicking a malicious link).
    • S:U (Unchanged): The vulnerability affects only the vulnerable component.
    • C:L (Low): There is limited impact on confidentiality.
    • I:L (Low): There is limited impact on integrity.
    • A:N (None): There is no impact on availability.
  • Exploit Requirements: The attacker needs to trick a logged-in user into clicking a specially crafted link or visiting a malicious website. The attacker must also have some knowledge of the target TeamCity instance.
  • Affected Vendor: JetBrains
  • Affected Product: TeamCity
  • Affected Version: Versions prior to 2025.07
  • CWE: CWE-352 (Cross-Site Request Forgery) - This means an attacker can trick a user's browser into sending a request to a website on which they are already authenticated, potentially allowing the attacker to perform actions as that user.

Timeline of Events

  • 2025-07-28: CVE Published.
  • 2025-07-29: CVE Modified.

Exploitability & Real-World Risk

While the CVSS score is low, CSRF vulnerabilities can be dangerous in the right context. An attacker could potentially use this flaw to modify a TeamCity user's profile, add malicious build steps, or perform other actions, depending on the user's permissions. If TeamCity is integrated with other systems via OAuth, the impact could be more severe.

Recommendations

  • Upgrade: Upgrade your JetBrains TeamCity instance to version 2025.07 or later.
  • User Awareness: Educate users about the risks of clicking suspicious links.
  • Review OAuth Configurations: Review and harden your TeamCity OAuth configurations.

Technical Insight

CSRF vulnerabilities typically occur when a web application does not properly validate the origin of requests. In this case, the OAuth login integration in TeamCity might be missing proper CSRF protection, allowing an attacker to forge requests that appear to come from an authenticated user.
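The standard defence for login CSRF in an OAuth integration is an unguessable `state` value that the server binds to the user's session before redirecting to the identity provider and verifies, once, when the callback arrives. The following is an added illustration of that check, not TeamCity code (the exact flaw in TeamCity's integration is not public); the session store, URLs and client id are constructed placeholders.

```python
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional
from urllib.parse import parse_qs, urlencode, urlparse


@dataclass
class Session:
    """Constructed stand-in for a server-side session (hypothetical, not TeamCity's)."""
    user_id: Optional[str] = None
    oauth_state: Optional[str] = None


def state_param(url: str) -> Optional[str]:
    """Return the `state` query parameter of a URL, or None if absent."""
    return parse_qs(urlparse(url).query).get("state", [None])[0]


def start_oauth_login(session: Session, authorize_url: str,
                      client_id: str, redirect_uri: str) -> str:
    """Generate a random `state`, bind it to this session, and build the authorize URL."""
    state = secrets.token_urlsafe(32)
    session.oauth_state = state
    query = urlencode({"response_type": "code", "client_id": client_id,
                       "redirect_uri": redirect_uri, "state": state})
    return f"{authorize_url}?{query}"


def handle_oauth_callback(session: Session, callback_url: str) -> bool:
    """Accept the callback only if its `state` matches the one bound to the session.

    A forged callback (attacker-supplied code with a missing or wrong state) is
    rejected, so a victim's session cannot be completed with someone else's login.
    """
    received = state_param(callback_url)
    expected = session.oauth_state
    # Single use: discard the stored state whether or not the check passes.
    session.oauth_state = None
    if not received or not expected:
        return False
    if not hmac.compare_digest(received, expected):  # constant-time compare
        return False
    return "code" in parse_qs(urlparse(callback_url).query)
```

A real deployment would also reject callbacks whose `Origin`/`Referer` do not match the instance and keep the state in a server-side or signed cookie store rather than a plain in-memory object.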

Credit to Researcher(s)

Credit for discovering this vulnerability goes to the JetBrains security team.

Tags

#CVE-2025-54529 #JetBrains #TeamCity #CSRF #OAuth #Security #Vulnerability

Summary: CVE-2025-54529 details a CSRF vulnerability in JetBrains TeamCity before 2025.07 affecting external OAuth login. An attacker could potentially trick a user into performing unintended actions. Upgrade to the latest version to mitigate this risk.

CVE ID: CVE-2025-54529

Risk Analysis: Successful exploitation could lead to unauthorized modification of user profiles, injection of malicious build configurations, or other actions depending on the user's privileges. This could compromise the integrity of the software development process.

Recommendation: Upgrade your JetBrains TeamCity instance to version 2025.07 or later to patch this vulnerability. Also, educate users to be cautious when clicking on links from untrusted sources.
