Lucene search
JebrainsJETBRAINS:JETBRAINS-SECURITY-BULLETIN-Q4-2020HistoryFeb 03, 2021 - 12:00 a.m.
JetBrains Security Bulletin Q4 2020
2021-02-0300:00:00
Jebrains
blog.jetbrains.com
25
6.3 Medium
AI Score
Confidence
High
JetBrains News Security
JetBrains Security Bulletin Q4 2020
In the fourth quarter of 2020, we resolved a number of security issues in our products. Here’s a summary report that contains a description of each issue and the version in which it was resolved.
| Product | Description | Severity | Resolved in | CVE/CWE |
|---|---|---|---|---|
| Code With Me | An attacker in the local network knowing the session ID could get access to the encrypted traffic. Reported by Grigorii Liullin (CWM-1067) | Low | 2020.3 | CVE-2021-25755 |
| Datalore | Server components versions were disclosed (DL-8327, DL-8335) | Low | Not applicable | CWE-200 |
| Exception Analyzer | Information disclosure via the Exception Analyzer (SDP-1248) | Low | Not applicable | CWE-200 |
| IntelliJ IDEA | HTTP links were used for several remote repositories (IDEA-228726) | Low | 2020.2 | CVE-2021-25756 |
| IntelliJ IDEA | Potentially insecure deserialization of the workspace model (IDEA-253582) | Low | 2020.3 | CVE-2021-25758 |
| JetBrains Account | Authorization token was sent as a query parameter within Zendesk integration (JPF-10508) | Low | 2020.11 | CWE-598 |
| JetBrains Account | Open-redirect was possible (JPF-10660) | Low | 2020.10 | CWE-601 |
| JetBrains Websites | Cross-origin resource sharing was possible. Reported by Ashhad Ali (SDP-1193) | Low | Not applicable | CWE-942 |
| JetBrains Websites | Throttling was not used for a particular endpoint. Reported by Ashhad Ali (SDP-1197) | Low | Not applicable | CWE-799 |
| JetBrains Websites | Clickjacking was possible. Reported by Ashhad Ali (SDP-1203) | Low | Not applicable | CWE-1021 |
| Hub | Open-redirect was possible. Reported by Mohammed Amine El Attar (JPS-10348) | Medium | 2020.1.12629 | CVE-2021-25757 |
| Hub | An authorized user could delete the 2FA settings of any other user (JPS-10410) | Medium | 2020.1.12629 | CVE-2021-25759 |
| Hub | Information disclosure via public API (JPS-10481) | Low | 2020.1.12669 | CVE-2021-25760 |
| Kotlin | A vulnerable Java API was used for creating temporary files and folders, which could make temporary files available for other users of a system. Reported by Jonathan Leitschuh (KT-42181) | Low | 1.4.21 | CVE-2020-29582 |
| Ktor | Birthday attack on SessionStorage key was possible. Reported by Kenta Koyama (KTOR-878) | Low | 1.5.0 | CVE-2021-25761 |
| Ktor | Weak cipher suites were enabled by default. Reported by Johannes Ulfkjær Jensen (KTOR-895) | Low | 1.4.2 | CVE-2021-25763 |
| Ktor | HTTP Request Smuggling was possible. Reported by ZeddYu Lu, Kaiwen Shen, and Yaru Yang (KTOR-1116) | Low | 1.4.3 | CVE-2021-25762 |
| PhpStorm | Source code could be added to debug logs (WI-54619) | Low | 2020.3 | CVE-2021-25764 |
| YouTrack | CSRF via attachment upload. Reported by Yurii Sanin (JT-58157) | Medium | 2020.4.4701 | CVE-2021-25765 |
| YouTrack | Users enumeration via the REST API without the appropriate permissions (JT-59396, JT-59498) | Low | 2020.4.4701 | CVE-2020-25208 |
| YouTrack | Improper resource access checks (JT-59397) | Low | 2020.4.4701 | CVE-2021-25766 |
| YouTrack | Issue’s existence disclosure via the YouTrack command execution (JT-59663) | Low | 2020.6.1767 | CVE-2021-25767 |
| YouTrack | Improper permissions checks for attachment actions (JT-59900) | Low | 2020.4.4701 | CVE-2021-25768 |
| YouTrack | Improper permissions checks for attachment actions (JT-59900) | Low | 2020.4.4701 | CVE-2021-25768 |
| YouTrack | YouTrack admin wasn’t able to access attachments (JT-60824) | Low | 2020.4.6808 | CVE-2021-25769 |
| YouTrack | Server-side template injection in YouTrack InCloud. Reported by Vasily Vasilkov (JT-61449) | High | 2020.5.3123 | CVE-2021-25770 |
| YouTrack | Project information disclosure (JT-61566) | Low | 2020.6.1099 | CVE-2021-25771 |
| Space | Potential information disclosure via logs (SPACE-9343, SPACE-10969) | Low | Not applicable | CWE-532 |
| Space | An attacker could obtain limited information via SSRF while testing the connection to a mirrored repository (SPACE-9514) | High | Not applicable | CWE-918 |
| Space | Content-Type header wasn’t set for some pages (SPACE-12004) | Low | Not applicable | CWE-531 |
| Space | A REST API endpoint was available without an appropriate permissions check, which could introduce a potential DOS vector (no real exploit available). (SPACE-12288) | Low | Not applicable | CWE-732 |
| TeamCity | Reflected XSS on several pages (TW-67424, TW-68098) | Medium | 2020.2 | CVE-2021-25773 |
| TeamCity | TeamCity server DoS was possible via server integration (TW-68406, TW-68780) | Low | 2020.2 | CVE-2021-25772 |
| TeamCity | ECR token exposure in the build’s parameters (TW-68515) | Medium | 2020.2 | CVE-2021-25776 |
| TeamCity | A user could get access to the GitHub access token of another user (TW-68646) | Low | 2020.2.1 | CVE-2021-25774 |
| TeamCity | Server admin could create and see access tokens for any other users (TW-68862) | Low | 2020.2.1 | CVE-2021-25775 |
| TeamCity | Improper permissions checks during user deletion (TW-68864) | Low | 2020.2.1 | CVE-2021-25778 |
| TeamCity | Improper permissions checks during tokens removal (TW-68871) | Low | 2020.2.1 | CVE-2021-25777 |
| TeamCity | TeamCity Plugin SSRF. Vulnerability that could potentially expose user credentials. Reported by Jonathan Leitschuh (TW-69068) | High | 2020.2.85695 | CVE-2020-35667 |
If you need any further assistance, please contact our Security Team.
Subscribe to receive the bulletin in your mailbox.
Your JetBrains Team_
The Drive to Develop_
bulletin security security bulletin
SpringShell Vulnerability in JetBrains Products and Services Next post
Subscribe to JetBrains Blog updates
Subscribe form
By submitting this form, I agree to the JetBrains Privacy Policy Notification icon
By submitting this form, I agree that JetBrains s.r.o. (“JetBrains”) may use my name, email address, and location data to send me newsletters, including commercial communications, and to process my personal data for this purpose. I agree that JetBrains may process said data using third-party services for this purpose in accordance with the JetBrains Privacy Policy. I understand that I can revoke this consent at any time in my profile. In addition, an unsubscribe link is included in each email.
Submit
Thanks, we’ve got you!
Related
cve
cve
prion
prion
Cross site scripting
2021-02-03 16:15:00
Information disclosure
2021-02-03 16:15:00
Design/Logic Flaw
2021-02-03 16:15:00
osv
osv
CVE-2021-25761
2021-02-03 16:15:14
CVE-2021-25763
2021-02-03 16:15:00
Incorrect Default Permissions in JetBrains Kotlin
2022-05-24 17:40:48
ubuntucve
ubuntucve
CVE-2020-29582
2021-02-03 00:00:00
github
github
Incorrect Default Permissions in JetBrains Kotlin
2022-05-24 17:40:48
redhatcve
redhatcve
CVE-2020-29582
2021-02-18 17:04:18
veracode
veracode
Information Disclosure
2021-10-27 02:54:35
ibm
ibm
debiancve
debiancve
CVE-2020-29582
2021-02-03 16:15:00
redhat
redhat
(RHSA-2021:3207) Moderate: Red Hat Integration Camel Quarkus Tech-Preview 2 security update
2021-08-18 09:50:40
(RHSA-2021:3205) Moderate: Red Hat Integration Camel-K 1.4 release and security update
2021-08-18 09:09:40
(RHSA-2022:5532) Important: Red Hat Fuse 7.11.0 release and security update
2022-07-07 14:16:35
oracle
oracle
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00