What the vulnerability does
01Description
In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in the agent pool
CVSS base score
4.3/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Key dates
02Disclosure timeline
January 21, 2025
CVE published
January 21, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-62647
CVE-2016-9575
CVE-2026-0831 Templately <= 3.4.8 - Unauthenticated Limited Arbitrary JSON File Write
CVE-2024-39905 Red-DiscordBot vulnerable to Incorrect Authorization in commands API
CVE-2026-32023 OpenClaw < 2026.2.24 - Approval Gating Bypass via Dispatch-Wrapper Depth-Cap Mismatch in system.run
