CVE-2026-49377: JetBrains TeamCity Sensitive Data Exposure via Default Agent Parameters
JetBrains TeamCity contains a configuration flaw where default agent parameters inadvertently expose sensitive data to authenticated users. An attacker with valid login credentials can access information through TeamCity's agent configuration that should remain restricted. This is a network-accessible issue affecting TeamCity deployments before version 2025.11.2, though the vulnerability requires prior authentication to exploit.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 4.3 MEDIUM · CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- Weaknesses (CWE)
- CWE-526
- Affected products
- 1 configuration(s)
- Published / Modified
- 2026-05-29 / 2026-06-17
NVD description (verbatim)
In JetBrains TeamCity before 2025.11.2 exposure of sensitive data via default agent parameters
1 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
CVE-2026-49377 is an information disclosure vulnerability in JetBrains TeamCity stemming from improper handling of default agent parameters. The flaw allows authenticated users to retrieve sensitive data that is inadequately protected in the agent configuration layer. The vulnerability is classified under CWE-526 (Exposure of Sensitive Information to an Unauthorized Actor) and carries a CVSS 3.1 score of 4.3 (Medium severity). The attack vector is network-based, requires low complexity, and necessitates prior authentication (PR:L), resulting in limited confidentiality impact with no integrity or availability consequences.
Business impact
For organizations running TeamCity as a continuous integration/continuous deployment platform, this vulnerability poses a data leakage risk to authenticated users—including potentially compromised internal accounts or malicious insiders. Exposed sensitive data from agent parameters could include API keys, credentials, environment configurations, or other CI/CD secrets that downstream systems depend on. While the direct blast radius is limited to information disclosure, exfiltrated credentials or configuration details could enable lateral movement or unauthorized access to dependent systems. The medium severity rating reflects that exploitation requires prior authentication, reducing but not eliminating organizational risk.
Affected systems
JetBrains TeamCity versions before 2025.11.2 are affected. All deployment architectures (cloud, on-premises, self-hosted) running vulnerable versions are in scope. The issue impacts the agent parameter subsystem specifically, meaning any TeamCity installation with active build agents is potentially affected. Users with authentication access—developers, CI/CD engineers, administrators, or compromised internal accounts—can trigger the exposure.
Exploitability
This vulnerability requires valid TeamCity login credentials to exploit; unauthenticated remote exploitation is not possible. The attack complexity is low, meaning an attacker with valid access can reliably retrieve sensitive data through normal agent configuration queries or API interactions without special conditions. There is no known public exploit or KEV (Known Exploited Vulnerability) designation. However, the ease of exploitation post-authentication makes this a concern for organizations with weak access controls or credential compromise scenarios.
Remediation
Upgrade to JetBrains TeamCity 2025.11.2 or later to patch the default agent parameter exposure. Organizations unable to patch immediately should restrict access to TeamCity through network segmentation, enforce multi-factor authentication for all user accounts, audit and rotate any credentials or API keys that may have been exposed via agent parameters, and monitor TeamCity logs for suspicious access to agent configuration endpoints.
Patch guidance
Apply the TeamCity 2025.11.2 release or later as soon as feasible. Consult the official JetBrains security advisory and release notes to confirm patch applicability to your specific deployment model (cloud vs. on-premises). Test patches in a non-production environment before rollout. If immediate patching is not viable, prioritize credential rotation and access restriction as interim mitigations.
Detection guidance
Monitor TeamCity audit logs for unusual access to agent configuration pages or APIs, particularly by non-administrative accounts or service accounts. Search logs for queries to agent parameter endpoints (e.g., GET requests to /app/rest/agents or related API paths). Correlate access patterns with known user roles to identify anomalous queries. If possible, enable verbose logging on the agent subsystem to capture parameter retrieval events. Additionally, review TeamCity's built-in audit trail for any access to sensitive configuration data by privileged accounts that may indicate account compromise.
Why prioritize this
Although rated Medium severity and requiring authentication, this vulnerability affects a critical infrastructure component (CI/CD platform) with high trust. Compromised agent parameters directly expose operational secrets. Organizations with strong authentication controls can deprioritize slightly; those with weaker credential hygiene or public-facing TeamCity instances should prioritize patching. The lack of KEV designation and low exploit complexity post-authentication suggests no active mass exploitation, but the sensitivity of CI/CD secrets warrants timely remediation.
Risk score, explained
The CVSS 3.1 score of 4.3 (Medium) reflects low-impact confidentiality loss (limited scope, no integrity/availability impact) tempered by the authentication requirement (PR:L). The network vector acknowledges remote access, and low complexity indicates ease of exploitation once authenticated. The score would be higher if the vulnerability enabled unauthenticated access or allowed credential modification; it remains medium because impact is strictly informational and access control gates exploitation.
Frequently asked questions
Do I need TeamCity internet-facing for this vulnerability to matter?
No. Any TeamCity deployment—internal, on-premises, or cloud—accessible to authenticated users is affected. The risk scales with authentication security; weak passwords, credential reuse, or compromised accounts dramatically increase exploitation likelihood.
What kind of sensitive data can be exposed via default agent parameters?
Agent parameters can include API keys, authentication tokens, database passwords, service credentials, environment variables, and build secrets. The exact data exposed depends on what your organization stores in TeamCity's agent configuration. Audit your agent setup to understand what's at risk.
Is there a workaround if I can't patch immediately?
Partial mitigations include: restrict TeamCity access via network/firewall rules, enforce MFA on all accounts, rotate any credentials stored in agent parameters, and closely monitor audit logs for parameter access. These reduce but do not eliminate risk; patching to 2025.11.2+ is the only complete fix.
Does this affect TeamCity cloud-hosted vs. self-hosted differently?
The vulnerability exists in both deployment models. JetBrains cloud instances should receive patches first through managed updates; self-hosted users must manually update. Check your deployment model and apply 2025.11.2+ accordingly.
This analysis is provided for informational and defensive security purposes. SEC.co does not provide exploit code or weaponized proof-of-concept instructions. CVSS scores, affected versions, KEV status, and patch information are sourced from authoritative vendor advisories and NVD records; verify independently before deployment decisions. Organizational risk varies based on deployment architecture, access controls, and stored credential practices. Consult JetBrains' official security advisory for the most current patch status and vendor guidance. Source: NVD (public-domain), retrieved 2026-07-08. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-49369MEDIUMJetBrains YouTrack Information Disclosure in Users and Groups Pages
- CVE-2026-49375MEDIUMTeamCity Reflected XSS on Repository Download Page – Patch Guidance
- CVE-2026-49376MEDIUMJetBrains TeamCity SAML Username Validation Bypass
- CVE-2026-49378MEDIUMTeamCity Credential Exposure via Parameter Autocompletion
- CVE-2026-49379MEDIUMJetBrains TeamCity Credential Exposure in Thread Names
- CVE-2026-49382MEDIUMIntelliJ IDEA Copyright Plugin Template Injection RCE
- CVE-2026-49384MEDIUMStored XSS in JetBrains PyCharm Jupyter Notebooks
- CVE-2026-49385MEDIUMJetBrains YouTrack Service Account Privilege Escalation