Information Disclosure in JetBrains IntelliJ IDEA Web Server
CVE-2022-46825

4MEDIUM

Key Information:

Vendor
Jetbrains
Status
Intellij Idea
Vendor
CVE Published:
8 December 2022

Summary

In JetBrains IntelliJ IDEA prior to version 2022.3, the built-in web server was found to leak sensitive information related to open projects. This vulnerability exposes project details that should remain confidential, posing a risk to user privacy and data integrity.

Affected Version(s)

IntelliJ IDEA 0 < 2022.3

References

https://www.jetbrains.com/privacy-security/issues-fixed/

CVSS V3.1

Score:
4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.