Improper Kubernetes Connection Settings in JetBrains TeamCity
CVE-2025-26492

7.7HIGH

Key Information:

Vendor: Jetbrains
Status: Teamcity
Vendor: CVE Published:; 11 February 2025

Summary

In JetBrains TeamCity prior to version 2024.12.2, improper Kubernetes connection settings can lead to the exposure of sensitive resources. This configuration flaw may allow unauthorized access to critical data, posing significant risks to the security and integrity of the affected systems. It is crucial for users to review and update their configurations to mitigate potential security threats.

Affected Version(s)

TeamCity 0 < 2024.12.2

References

https://www.jetbrains.com/privacy-security/issues-fixed/

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Feb 11, 2025
Vulnerability Reserved
Feb 11, 2025