Email Throttling Flaw in JetBrains Hub Software by JetBrains
CVE-2022-45471

3.5LOW

Key Information:

Vendor
Jetbrains
Status
Hub
Vendor
CVE Published:
18 November 2022

Summary

In JetBrains Hub prior to version 2022.3.15181, the application did not implement proper throttling mechanisms when sending emails to certain addresses. This oversight could allow for email spamming, potentially leading to overflow and security concerns for users reliant on the platform for communication.

Affected Version(s)

Hub 0 < 2022.3.15181

References

https://www.jetbrains.com/privacy-security/issues-fixed/

CVSS V3.1

Score:
3.5
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.