PT-2019-12666 · Jetbrains · Jetbrains Upsource

Published

2019-10-02

Updated

2021-01-26

CVE-2019-12157

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions JetBrains UpSource versions prior to 2018.2 build 1293

Description The issue concerns credential disclosure through RPC commands, potentially allowing unauthorized access to sensitive information.

Recommendations For versions prior to 2018.2 build 1293, update to a version that includes the fix for this issue, specifically 2018.2 build 1293 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2019-12157

Affected Products

Jetbrains Upsource

PT-2019-12666 · Jetbrains · Jetbrains Upsource

CVE-2019-12157

Weakness Enumeration

Related Identifiers

Affected Products

References · 3