CVE-2025-24457

Name of the Vulnerable Software and Affected Versions JetBrains YouTrack versions prior to 2024.3.55417

Description The issue is related to the exposure of permanent tokens in logs, potentially allowing an attacker to obtain encrypted user credentials. This could be exploited through the registration files, leading to information disclosure.

Recommendations For versions prior to 2024.3.55417, update to version 2024.3.55417 or later to resolve the issue. As a temporary workaround, consider restricting access to log files to minimize the risk of exploitation. Additionally, review and limit the use of permanent tokens in the application to reduce the potential impact of this issue.