Lucene search

[email protected]NVD:CVE-2022-46826

HistoryDec 08, 2022 - 6:15 p.m.

CVE-2022-46826

2022-12-0818:15:10

CWE-22

CWE-35

[email protected]

web.nvd.nist.gov

jetbrains intellij idea

web server

path traversal

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

10.5%

JSON

In JetBrains IntelliJ IDEA before 2022.3 the built-in web server allowed an arbitrary file to be read by exploiting a path traversal vulnerability.

Affected configurations

Nvd

Node

jetbrainsintellij_ideaRange<2022.3

VendorProductVersionCPE
jetbrainsintellij_idea*cpe:2.3:a:jetbrains:intellij_idea:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
jetbrains	intellij_idea	*	cpe:2.3:a:jetbrains:intellij_idea::::::::

References

www.jetbrains.com/privacy-security/issues-fixed/

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

10.5%

JSON

Related for NVD:CVE-2022-46826

cve1 cvelist1 prion1