Primary

Context

JetBrains TeamCity Improper Path Validation Vulnerability in Logging Preset Parameter

Vulnerability

Patched

A vulnerability exists in JetBrains TeamCity versions prior to 2025.03.1, where improper path validation in the loggingPreset parameter could be exploited.

Impact

Exploitation of this vulnerability could lead to unauthorized access or manipulation of data by bypassing normal path validation checks.

Remediation

Users can update to JetBrains TeamCity version 2025.03.1 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Affected Products

JetBrains TeamCity

Moderate fix1 remedy

cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2025.03.1

JetBrains YouTrack

Moderate fix2 remedies

cpe:2.3:a:jetbrains:youtrack:*:*:*:*:*:*:*, +1 more

Moderate fix2 remedies

< 2025.1.76253
< 2025.1.74704

JetBrains Rider

Moderate fix1 remedy

cpe:2.3:a:jetbrains:rider:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2025.1.2

JetBrains Toolbox App

Moderate fix1 remedy

cpe:2.3:a:jetbrains:toolbox:*:*:*:*:*:*:*, +1 more

Moderate fix1 remedy

< 2.6

JetBrains IntelliJ IDEA

Moderate fix2 remedies

cpe:2.3:a:jetbrains:intellij_idea:*:*:*:*:*:*:*

Moderate fix2 remedies

< 2024.3
< 2024.2.4

JetBrains GoLand

Moderate fix1 remedy

cpe:2.3:a:jetbrains:goland:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2025.1

JetBrains Ktor

Moderate fix1 remedy

cpe:2.3:a:jetbrains:ktor:*:*:*:*:*:*:*

Moderate fix1 remedy

< 3.1.1

JetBrains dotTrace

Moderate fix3 remedies

cpe:2.3:a:jetbrains:dottrace:*:*:*:*:*:*:*

Moderate fix3 remedies

< 2024.3.4
< 2024.2.8
< 2024.1.7

JetBrains ReSharper

Moderate fix3 remedies

cpe:2.3:a:jetbrains:resharper:*:*:*:*:*:*:*

Moderate fix3 remedies

< 2024.3.4
< 2024.2.8
< 2024.1.7

JetBrains Hub

Moderate fix1 remedy

cpe:2.3:a:jetbrains:hub:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2024.3.55417

JetBrains WebStorm

Moderate fix1 remedy

cpe:2.3:a:jetbrains:webstorm:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2024.3

JetBrains RubyMine

Moderate fix1 remedy

cpe:2.3:a:jetbrains:rubymine:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2024.3

JetBrains DataGrip

Moderate fix1 remedy

cpe:2.3:a:jetbrains:datagrip:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2024.3

JetBrains PhpStorm

Moderate fix1 remedy

cpe:2.3:a:jetbrains:phpstorm:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2024.3

JetBrains PyCharm

Moderate fix1 remedy

cpe:2.3:a:jetbrains:pycharm:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2024.3

JetBrains RustRover

Moderate fix1 remedy

cpe:2.3:a:jetbrains:rustrover:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2024.3

JetBrains MPS

Moderate fix1 remedy

cpe:2.3:a:jetbrains:mps:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2024.3

JetBrains UpSource

Moderate fix1 remedy

cpe:2.3:a:jetbrains:upsource:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2024.3

JetBrains Kotlin

Moderate fix1 remedy

cpe:2.3:a:jetbrains:kotlin:*:*:*:*:*:*:*

Moderate fix1 remedy

< 1.6.0

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

5.0

exploitability

2.8

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

5.0

exploitability

2.8

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

JetBrains TeamCity Improper Path Validation Vulnerability in Logging Preset Parameter

Vulnerability

Impact

Remediation

Affected Products

JetBrains TeamCity

JetBrains YouTrack

JetBrains Rider

JetBrains Toolbox App

JetBrains IntelliJ IDEA

JetBrains GoLand

JetBrains Ktor

JetBrains dotTrace

JetBrains ReSharper

JetBrains Hub

JetBrains WebStorm

JetBrains RubyMine

JetBrains DataGrip

JetBrains PhpStorm

JetBrains PyCharm

JetBrains RustRover

JetBrains MPS

JetBrains UpSource

JetBrains Kotlin

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating