CVSS2: 7.5 High
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3: 9.8 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 7.3 High
Confidence: High

EPSS: 0.002 Low
Percentile: 60.5%
JetBrains Security
In the fourth quarter of 2021, we resolved a number of security issues in our products. Here’s a summary report that contains a description of each issue and the version in which it was resolved.
Product | Description | Severity | Resolved in | CVE/CWE |
---|---|---|---|---|
Datalore | Another user’s database could be attached (DL-9779) | High | Not applicable | Not applicable |
Hub | JetBrains Account integration exposed API keys with excessive permissions. Reported by Yurii Sanin (HUB-10958) | High | 2021.1.13890 | CVE-2022-24327 |
Hub | An unprivileged user could perform a DoS. Reported by Yurii Sanin (HUB-10976) | High | 2021.1.13956 | CVE-2022-24328 |
IntelliJ IDEA | Code could be executed without the user’s permission on opening a project (IDEA-243002, IDEA-277306, IDEA-282396, IDEA-275917) | Medium | 2021.2.4 | CVE-2022-24345 |
IntelliJ IDEA | Potential LCE via RLO (Right-to-Left Override) characters (IDEA-284150) | Medium | 2021.3.1 | CVE-2022-24346 |
JetBrains Blog | Blind SQL injection. Reported by Khan Janny (BLOG-45) | Medium | Not applicable | Not applicable |
Kotlin | No ability to lock dependencies for Kotlin Multiplatform Gradle projects. Reported by Carter Jernigan (KT-49449) | Medium | 1.6.0 | CVE-2022-24329 |
Kotlin websites | Clickjacking at kotlinlang.org (KTL-588) | Medium | Not applicable | Not applicable |
Remote Development | Unexpected open port on backend server. Please refer to this blog post for additional details. Reported by Damian Gwiżdż (GTW-894) | High | Not 2021.3.1 | CVE-2021-45977 |
Space | Missing permission check in an HTTP API response (SPACE-15991) | High | Not applicable | Not applicable |
TeamCity | A redirect to an external site was possible (TW-71113) | Low | 2021.2.1 | CVE-2022-24330 |
TeamCity | Logout failed to remove the “Remember Me” cookie (TW-72969) | Low | 2021.2 | CVE-2022-24332 |
TeamCity | GitLab authentication impersonation. Reported by Christian Pedersen (TW-73375) | High | 2021.1.4 | CVE-2022-24331 |
TeamCity | The “Agent push” feature allowed any private key on the server to be selected (TW-73399) | Low | 2021.2.1 | CVE-2022-24334 |
TeamCity | Blind SSRF via an XML-RPC call. Reported by Artem Godin (TW-73465) | Medium | 2021.2 | CVE-2022-24333 |
TeamCity | Time-of-check/Time-of-use (TOCTOU) vulnerability in agent registration via XML-RPC. Reported by Artem Godin (TW-73468) | High | 2021.2 | CVE-2022-24335 |
TeamCity | An unauthenticated attacker could cancel running builds via an XML-RPC request to the TeamCity server. Reported by Artem Godin (TW-73469) | Medium | 2021.2.1 | CVE-2022-24336 |
TeamCity | Pull-requests’ health items were shown to users without appropriate permissions (TW-73516) | Low | 2021.2 | CVE-2022-24337 |
TeamCity | Stored XSS. Reported by Yurii Sanin (TW-73737) | Medium | 2021.2.1 | CVE-2022-24339 |
TeamCity | URL injection leading to CSRF. Reported by Yurii Sanin (TW-73859) | Medium | 2021.2.1 | CVE-2022-24342 |
TeamCity | Changing a password failed to terminate sessions of the edited user (TW-73888) | Low | 2021.2.1 | CVE-2022-24341 |
TeamCity | XXE during the parsing of a configuration file (TW-73932) | Medium | 2021.2.1 | CVE-2022-24340 |
TeamCity | Reflected XSS (TW-74043) | Medium | 2021.2.1 | CVE-2022-24338 |
TeamCity | Stored XSS on the Notification templates page (JT-65752) | Low | 2021.4.31698 | CVE-2022-24344 |
YouTrack | A custom logo could be set with read-only permissions (JT-66214) | Low | 2021.4.31698 | CVE-2022-24343 |
YouTrack | Stored XSS via project icon. Reported by Yurii Sanin (JT-67176) | Medium | 2021.4.36872 | CVE-2022-24347 |
If you need any further assistance, please contact our Security Team.
Subscribe to receive the bulletin in your mailbox.
Your JetBrains Team
The Drive to Develop