Lucene search

[email protected]NVD:CVE-2022-48477

HistoryApr 24, 2023 - 1:15 p.m.

CVE-2022-48477

2023-04-2413:15:07

CWE-918

[email protected]

web.nvd.nist.gov

jetbrains hub

ssrf protection

auth module integration

before 2023.1.15725

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

5.6

Confidence

High

EPSS

0.002

Percentile

54.1%

JSON

In JetBrains Hub before 2023.1.15725 SSRF protection in Auth Module integration was missing

Affected configurations

Nvd

Node

jetbrainshubRange<2023.1.15725

VendorProductVersionCPE
jetbrainshub*cpe:2.3:a:jetbrains:hub:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
jetbrains	hub	*	cpe:2.3:a:jetbrains:hub::::::::

References

www.jetbrains.com/privacy-security/issues-fixed/

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

5.6

Confidence

High

EPSS

0.002

Percentile

54.1%

JSON

Related for NVD:CVE-2022-48477

prion1 cve1 cvelist1