Access Token Protection Flaw in JetBrains YouTrack Mobile for Android
CVE-2021-43189

7.3HIGH

Key Information:

Vendor: Jetbrains
Status: Youtrack Mobile
Vendor: CVE Published:; 9 November 2021

Summary

The JetBrains YouTrack Mobile application for Android contains a flaw in its access token protection mechanism prior to version 2021.2. This vulnerability may allow unauthorized access to sensitive token information, potentially compromising user accounts and associated data. It underscores the importance of implementing robust security measures to protect access tokens from unintended exposure.

References

https://blog.jetbrains.com/blog/2021/11/08/jetbrains-secu...

x_refsource_MISC

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 9, 2021
Vulnerability Reserved
Nov 2, 2021