Lucene search
JetBrainsCVELIST:CVE-2022-34894HistoryJul 01, 2022 - 9:00 a.m.
CVE-2022-34894
2022-07-0109:00:15
CWE-284
JetBrains
www.cve.org
3
jetbrains hub
access control
hijacking
untrusted services
CVSS3
3.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
AI Score
5.6
Confidence
High
EPSS
0.001
Percentile
31.3%
In JetBrains Hub before 2022.2.14799, insufficient access control allowed the hijacking of untrusted services
CNA Affected
[
{
"product": "Hub",
"vendor": "JetBrains",
"versions": [
{
"lessThan": "2022.2.14799",
"status": "affected",
"version": "2022.2.14799",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2022-34894
2022-07-01 10:15:10
nvd
nvd
CVE-2022-34894
2022-07-01 10:15:10
prion
prion
Improper access control
2022-07-01 10:15:00
githubexploit
githubexploit
Exploit for Server-Side Request Forgery in Jetbrains Hub
2022-09-01 21:08:19
CVSS3
3.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
AI Score
5.6
Confidence
High
EPSS
0.001
Percentile
31.3%
Related for CVELIST:CVE-2022-34894