Lucene search
JetBrainsCVELIST:CVE-2022-40979HistorySep 23, 2022 - 10:50 a.m.
CVE-2022-40979
2022-09-2310:50:08
CWE-532
JetBrains
www.cve.org
jetbrains
teamcity
logging
password
environmental variables
perforce
executable
4.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N
5.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
31.3%
In JetBrains TeamCity before 2022.04.4 environmental variables of “password” type could be logged when using custom Perforce executable
CNA Affected
[
{
"product": "TeamCity",
"vendor": "JetBrains",
"versions": [
{
"lessThan": "2022.04.4",
"status": "affected",
"version": "2022.04.4",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-40979
2022-09-23 11:15:09
cve
cve
CVE-2022-40979
2022-09-23 11:15:09
prion
prion
Design/Logic Flaw
2022-09-23 11:15:00
cnvd
cnvd
JetBrains TeamCity Information Disclosure Vulnerability
2022-09-28 00:00:00
4.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N
5.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
31.3%
Related for CVELIST:CVE-2022-40979