PT-2022-19853 · Jetbrains · Pycharm

Published

2022-04-28

Updated

2022-05-05

CVE-2022-29820

CVSS v3.1

3.5

Low

Vector

AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions JetBrains PyCharm versions prior to 2022.1

Description The issue concerns the exposure of the debugger port to the internal network in JetBrains PyCharm. This exposure was possible due to a flaw in the software. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. The flaw allows for the exposure of the debugger port, which could potentially be used for malicious activities.

Recommendations For versions prior to 2022.1, update to version 2022.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the debugger port to minimize the risk of exploitation.

Fix

Exposure of Resource to Wrong Sphere

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1327CWE-668

Related Identifiers

CVE-2022-29820

Affected Products

Pycharm

PT-2022-19853 · Jetbrains · Pycharm

CVE-2022-29820

Weakness Enumeration

Related Identifiers

Affected Products

References · 6