PT-2020-12782 · Jetbrains+1 · Pycharm+1

Ruby Nealon

Published

2020-04-10

Updated

2022-04-06

CVE-2020-11694

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions JetBrains PyCharm versions 2019.2.5 through 2019.2.5 JetBrains PyCharm versions 2019.3 through 2019.3

Description The issue concerns the inclusion of Apple Notarization Service credentials in certain versions of JetBrains PyCharm on Windows.

Recommendations For version 2019.2.5, update to version 2019.2.6 to resolve the issue. For version 2019.3, update to version 2019.3.3 to resolve the issue.

Exploit

Fix

Cleartext Storage of Sensitive Information

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-312CWE-522

Related Identifiers

CVE-2020-11694

Affected Products

Notarization Service

Pycharm

PT-2020-12782 · Jetbrains+1 · Pycharm+1

CVE-2020-11694

Weakness Enumeration

Related Identifiers

Affected Products

References · 6