Session Timeout Misconfiguration in JetBrains Space
CVE-2020-11795

7.5HIGH

Key Information:

Vendor: Jetbrains
Status: Space
Vendor: CVE Published:; 22 April 2020

Summary

In JetBrains Space prior to April 22, 2020, the session timeout period was improperly configured, potentially allowing unauthorized access to sensitive user sessions. This misconfiguration could lead to sessions remaining active longer than necessary, compromising user security and data integrity.

References

https://blog.jetbrains.com/blog/2020/04/22/jetbrains-secu...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 22, 2020
Vulnerability Reserved
Apr 15, 2020