CVE-2025-31141
published 2025-03-27CVE-2025-31141: In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page
PriorityP336high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.34%
26.2th percentile
In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jetbrains | teamcity | < 2025.03 | 2025.03 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
vendor_oracle6.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-58q6-pf3m-3mmp: In JetBrains TeamCity before 2025
ghsa_unreviewed·2025-03-27
CVE-2025-31141 [LOW] CWE-209 GHSA-58q6-pf3m-3mmp: In JetBrains TeamCity before 2025
In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page
Oracle
Oracle Oracle Communications Applications Risk Matrix: Third Party (Apache Kafka) — CVE-2024-31141
vendor_oracle·2025-07-15·CVSS 6.5
CVE-2024-31141 [MEDIUM] Oracle Oracle Communications Applications Risk Matrix: Third Party (Apache Kafka) — CVE-2024-31141
Oracle Oracle Communications Applications Risk Matrix: Third Party (Apache Kafka) vulnerability
CVE: CVE-2024-31141
CVSS: 6.5
Protocol: HTTP
Remote exploit: No
Affected versions: Network
Advisory: cpujul2025 (JUL 2025)
Oracle
Oracle Oracle Communications Applications Risk Matrix: Microservices (Apache Kafka) — CVE-2024-31141
vendor_oracle·2025-04-15·CVSS 6.5
CVE-2024-31141 [MEDIUM] Oracle Oracle Communications Applications Risk Matrix: Microservices (Apache Kafka) — CVE-2024-31141
Oracle Oracle Communications Applications Risk Matrix: Microservices (Apache Kafka) vulnerability
CVE: CVE-2024-31141
CVSS: 6.5
Protocol: HTTP
Remote exploit: No
Affected versions: Network
Advisory: cpuapr2025 (APR 2025)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-03-27
Published