CVE-2023-51655

6.3MEDIUM

Key Information

Vendor
JetBrains
Status
IntelliJ IDEA
Vendor
CVE Published:
21 December 2023

Summary

In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via a malicious plugin repository specified in the project configuration

Affected Version(s)

IntelliJ IDEA < 2023.3.2

CVSS V3.1

Score:
6.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability Reserved.

  • Vulnerability published.

Collectors

NVD DatabaseMitre Database
.