Lucene search
JetBrainsCVELIST:CVE-2022-47895HistoryDec 22, 2022 - 10:25 a.m.
CVE-2022-47895
2022-12-2210:25:41
JetBrains
www.cve.org
4
jetbrains intellij idea
cve-2022-47895
security issue
validate jsp file
http protocol
jar files
CVSS3
4.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.002
Percentile
51.6%
In JetBrains IntelliJ IDEA before 2022.3.1 the βValidate JSP Fileβ action used the HTTP protocol to download required JAR files.
CNA Affected
[
{
"vendor": "JetBrains",
"product": "IntelliJ IDEA",
"versions": [
{
"version": "0",
"status": "affected",
"lessThan": "2022.3.1",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]Related
nvd
nvd
CVE-2022-47895
2022-12-22 11:15:09
prion
prion
Design/Logic Flaw
2022-12-22 11:15:00
cve
cve
CVE-2022-47895
2022-12-22 11:15:09
CVSS3
4.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.002
Percentile
51.6%
Related for CVELIST:CVE-2022-47895