Permanent Token Exposure in JetBrains YouTrack - JetBrains
CVE-2025-24457

5.5MEDIUM

Key Information:

Vendor: Jetbrains
Status: Youtrack
Vendor: CVE Published:; 21 January 2025

What is CVE-2025-24457?

In JetBrains YouTrack versions prior to 2024.3.55417, an issue has been identified where permanent tokens may inadvertently be exposed in application logs. This vulnerability can potentially allow unauthorized access to sensitive authentication tokens, leading to security risks for users. It is essential for users running affected versions to review their log management practices and update to the latest version of YouTrack to mitigate any potential risks. For further information and guidance on this issue, please refer to JetBrains' official security update page.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

YouTrack 0 < 2024.3.55417

References

https://www.jetbrains.com/privacy-security/issues-fixed/

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 21, 2025
Vulnerability Reserved
Jan 21, 2025

JSON

Jetbrains