PT-2019-19876 · Jetbrains · Intellij Idea

Publicado

2019-07-03

Atualizado

2020-08-24

CVE-2019-9823

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions JetBrains IntelliJ IDEA versions prior to 2018.3.5 JetBrains IntelliJ IDEA versions prior to 2018.2.8 JetBrains IntelliJ IDEA versions prior to 2018.1.8

Description The issue arises when creating remote run configurations of JavaEE application servers in JetBrains IntelliJ IDEA, resulting in the storage of server credentials in cleartext within the IDE configuration files.

Recommendations For versions prior to 2018.3.5, update to version 2018.3.5 or later. For versions prior to 2018.2.8, update to version 2018.2.8 or later. For versions prior to 2018.1.8, update to version 2018.1.8 or later.

Correção

Insufficiently Protected Credentials

Cleartext Storage of Sensitive Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-522CWE-312

Identificadores relacionados

CVE-2019-9823

Produtos afetados

Intellij Idea

PT-2019-19876 · Jetbrains · Intellij Idea

CVE-2019-9823

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8