CVE-2019-10101: JetBrains Security Bulletin Q1 2019 | JetBrains News
JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack.
JetBrains Security Bulletin Q1 2019
This bulletin summarizes the security vulnerabilities detected in JetBrains products and remediated in the first quarter of 2019.
These include issues reported by Jonathan Leitschuh that could expose a product user or a project's infrastructure to man-in-the-middle attacks, namely:
- resolving Gradle, Maven, and sbt project artifacts over an unencrypted connection in various projects; and
- generating project templates in an IDE causing the above-mentioned issue in a user’s project.
We’ve also run extended verification of the secret storage mechanism in our IDEs’ settings, and identified and fixed several cases of cleartext secret storage.
Here's a summary listing, for each issue, the affected product, a description with the tracker ID, the severity, the product version containing the fix (or "No fix version" for hosted services and non-versioned resources), and the CVE or CWE identifier.
Product | Description | Severity | Resolved in | CVE/CWE
CLion | The suggested WSL configuration exposed a local SSH server to the internal network (CPP-15063) | Moderate | No fix version | CWE-276
Documentation | JetBrains GitHub repositories had a world-editable wiki (DOC-6532). Reported by Bogdan Gagea | Moderate | No fix version | CWE-732
Hub | A user password could appear in the audit events for certain server settings (JPS-7895) | High | 2018.4.11298 | CVE-2019-12847
IntelliJ IDEA | The default configuration for Spring Boot apps was not secure (IDEA-204439) | High | 2018.3.4, 2019.1 | CVE-2019-9186
IntelliJ IDEA | The application server configuration allowed cleartext storage of secrets (IDEA-201519, IDEA-202483, IDEA-203271) | High | 2018.1.8, 2018.2.8, 2018.3.5, 2019.1 | CVE-2019-9872
IntelliJ IDEA | The implementation of storage in the KeePass database was not secure (IDEA-200066) | Low | 2018.3, 2019.1 | CWE-922
IntelliJ IDEA | A certain application server configuration allowed cleartext storage of secrets (IDEA-199911) | Low | 2018.3 | CWE-317
IntelliJ IDEA | A certain application server configuration allowed cleartext storage of secrets (IDEA-203613) | Moderate | 2018.1.8, 2018.2.8, 2018.3.5 | CVE-2019-9823
IntelliJ IDEA | Certain remote server configurations allowed cleartext storage of secrets (IDEA-203272, IDEA-203260, IDEA-206556, IDEA-206557) | High | 2019.1 | CVE-2019-9873
IntelliJ IDEA | The run configuration of certain application servers allowed remote code execution when the server was run with the default settings (IDEA-204570) | High | 2018.3.7, 2018.1.8, 2018.2.8, 2018.3.4 | CVE-2019-10103, CVE-2019-10104
JetBrains Account | An open redirect vulnerability via the backUrl parameter was detected (JPF-8899) | Moderate | No fix version | CWE-601
JetBrains Account | An open redirect vulnerability via the backUrl parameter was detected (JPF-8899) | Moderate | No fix version | CWE-444
Kotlin | The JetBrains Kotlin project was resolving artifacts using an http connection during the build process, potentially allowing an MITM attack | Moderate | 1.3.30 | CVE-2019-10101
Kotlin Plugin | IntelliJ IDEA projects created using the Kotlin IDE template were resolving artifacts using an http connection, potentially allowing an MITM attack | Moderate | 1.3.30 | CVE-2019-10102
Plugin Marketplace | Some HTTP security headers were missing (MP-2004) | Moderate | No fix version | CWE-693
Plugin Marketplace | A reflected XSS was detected (MP-2001) | Moderate | No fix version | CWE-79
Plugin Marketplace | A CSRF vulnerability was detected (MP-2002) | Moderate | No fix version | CWE-352
PyCharm | A certain remote server configuration allowed cleartext storage of secrets (PY-32885) | Moderate | 2018.3.2 | CWE-209
TeamCity | A possible stored JavaScript injection was detected (TW-59419) | Moderate | 2018.2.3 | CVE-2019-12844
TeamCity | The generated Kotlin DSL settings allowed an unencrypted connection to be used for resolving artifacts (TW-59379) | Moderate | 2018.2.3 | CVE-2019-12845
TeamCity | A possible stored JavaScript injection requiring a deliberate server administrator action was detected (TW-55640) | Moderate | 2018.2.3 | CVE-2019-12843
TeamCity | Incorrect handling of user input in ZIP extraction (TW-57143) | Moderate | 2018.2.2 | CVE-2019-12841
TeamCity | A reflected XSS on a user page was detected (TW-58661) | Moderate | 2018.2.2 | CVE-2019-12842
TeamCity | A user without the required permissions could gain access to some settings (TW-58571) | Moderate | 2018.2.2 | CVE-2019-12846
YouTrack | An SSRF attack was possible on a YouTrack server (JT-51121) | High | 2018.4.49168 | CVE-2019-12852
YouTrack | An Insecure Direct Object Reference was possible (JT-51103) | Low | 2018.4.49168 | CVE-2019-12866
YouTrack | Certain actions could cause privilege escalation for issue attachments (JT-51080) | Moderate | 2018.4.49168 | CVE-2019-12867
YouTrack | A query injection was possible (JT-51105) | Low | 2018.4.49168 | CVE-2019-12850
YouTrack Licensing | An unauthorized disclosure of license details to an attacker was possible (JT-51117) | Low | No fix version | CWE-284
YouTrack Licensing | A reflected XSS was detected (JT-51074) | Low | No fix version | CWE-79
YouTrack | A CSRF vulnerability was detected in one of the admin endpoints (JT-51110) | Moderate | 2018.4.49852 | CVE-2019-12851
YouTrack Confluence Integration Plugin | The YouTrack Confluence plugin was vulnerable to server-side template injection (SSTI) (JT-51594) | Moderate | 1.8.1.3 | CVE-2019-10100
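The two introductory bullets and the Kotlin, Kotlin Plugin and TeamCity rows above all describe one weakness: a build that fetches artifacts over plain http lets an on-path attacker substitute a modified dependency or plugin. As an added example (not JetBrains code and not part of the bulletin), the Python scanner below flags repository URLs declared over http in the Gradle (Groovy and Kotlin DSL), Maven and sbt build files the bulletin names, and produces the hardened https form of a Gradle or sbt file. The sample build files embedded in it are constructed for the demonstration, and every host name in them is a placeholder.

```python
"""Flag dependency repositories declared over plain http in build files.

Added example, not JetBrains code. The sample files at the bottom are
constructed for the demo; every host name in them is a placeholder.
"""
import re
import xml.etree.ElementTree as ET
from typing import Dict, List, Tuple

# Literal http:// scheme; the lookbehind keeps us from matching "xhttp://".
_HTTP_URL = re.compile(r'(?<![\w.-])http://[^\s"\'()<>]+', re.IGNORECASE)
# Groovy/Kotlin/Scala line comments, but not the "//" inside a URL scheme.
_LINE_COMMENT = re.compile(r'(?<!:)//.*$')
# Maven elements whose <url> child is downloaded from; the project's own
# <url> (its website) is deliberately not in the set.
_MAVEN_REPO_TAGS = {"repository", "pluginRepository", "snapshotRepository"}


def _local(tag: str) -> str:
    """'{namespace}name' -> 'name'."""
    return tag.rsplit("}", 1)[-1]


def find_insecure_repos_dsl(text: str) -> List[Tuple[int, str]]:
    """Gradle (.gradle/.gradle.kts) and sbt: (line number, url) per http URL."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        code = _LINE_COMMENT.sub("", line)  # commented-out repos do not count
        hits.extend((lineno, m.group(0)) for m in _HTTP_URL.finditer(code))
    return hits


def find_insecure_repos_pom(xml_text: str) -> List[Tuple[str, str]]:
    """Maven pom.xml: (repository id, url) per repository declared over http.

    The POM namespace declaration itself reads "http://maven.apache.org/...",
    so a plain grep flags every pom.xml; walking the parsed tree does not.
    """
    hits = []
    for el in ET.fromstring(xml_text).iter():
        if _local(el.tag) not in _MAVEN_REPO_TAGS:
            continue
        fields = {_local(c.tag): (c.text or "").strip()
                  for c in el if isinstance(c.tag, str)}
        url = fields.get("url", "")
        if url.lower().startswith("http://"):
            hits.append((fields.get("id", ""), url))
    return hits


def scan_build_file(name: str, text: str) -> list:
    """Dispatch on file name; files the scanner does not cover yield []."""
    if name.endswith("pom.xml"):
        return find_insecure_repos_pom(text)
    if name.endswith((".gradle", ".gradle.kts", ".sbt")):
        return find_insecure_repos_dsl(text)
    return []


def upgrade_to_https(text: str) -> str:
    """Hardened form of a Gradle/sbt file: http:// -> https:// outside comments."""
    # Only correct if the repository really serves TLS; otherwise replace it.
    out = []
    for line in text.splitlines(keepends=True):
        m = _LINE_COMMENT.search(line)
        code, comment = (line[:m.start()], line[m.start():]) if m else (line, "")
        out.append(_HTTP_URL.sub(lambda u: "https://" + u.group(0)[7:], code) + comment)
    return "".join(out)


# Constructed sample build files (placeholder hosts, not real projects).
SAMPLES: Dict[str, str] = {
    "build.gradle": (
        'repositories {\n'
        '    mavenCentral()\n'
        '    maven { url "http://repo.example.test/maven2" }   // weak: MITM-able\n'
        '    maven { url "https://repo.example.test/maven2" }  // hardened\n'
        '    // maven { url "http://old.example.test/maven2" } // commented out\n'
        '}\n'
    ),
    "build.gradle.kts": (
        'repositories {\n'
        '    maven("http://dl.example.test/kotlin/kotlin-dev")\n'
        '    maven { url = uri("https://dl.example.test/kotlin/kotlin-dev") }\n'
        '}\n'
    ),
    "build.sbt": 'resolvers += "Example Snapshots" at "http://repo.example.test/snapshots"\n',
    ".teamcity/pom.xml": (
        '<project xmlns="http://maven.apache.org/POM/4.0.0">\n'
        '  <url>http://example.test/project-site</url>\n'
        '  <repositories><repository>\n'
        '    <id>internal</id><url>http://nexus.example.test/repository/maven-public</url>\n'
        '  </repository></repositories>\n'
        '  <pluginRepositories><pluginRepository>\n'
        '    <id>plugins</id><url>https://plugins.example.test/maven2</url>\n'
        '  </pluginRepository></pluginRepositories>\n'
        '</project>\n'
    ),
}


def scan_samples() -> Dict[str, list]:
    """Map each sample file to its plaintext-repository findings."""
    return {name: scan_build_file(name, text) for name, text in SAMPLES.items()}
```

Run `scan_samples()` over a checkout to get, per file, the repositories still declared over http; the Maven case is parsed rather than grepped because the POM namespace URI and the project website `<url>` are both plain http and neither is a download source. `upgrade_to_https` gives the corrected Gradle/sbt form, but it is only a fix if the repository actually serves TLS and the build tool verifies the certificate; a repository that is http-only has to be replaced, not rewritten.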
If you need any further assistance, please contact our Security Team.
Subscribe to receive the bulletin in your mailbox.
Your JetBrains Team
The Drive to Develop