exploitDog

CVE-2019-12156

Опубликовано: 02 окт. 2019

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

Server metadata could be exposed because one of the error messages reflected the whole response back to the client in JetBrains TeamCity versions before 2018.2.5 and UpSource versions before 2018.2 build 1293.

Ссылки

https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/
Vendor Advisory
https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jetbrains:upsource:*:*:*:*:*:*:*:*

Версия до 2018.2.1290 (исключая)

EPSS

Процентиль: 0%

0.00003

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-209

Связанные уязвимости

GHSA-q3xq-8f4w-2g7c

github

больше 3 лет назад

Server metadata could be exposed because one of the error messages reflected the whole response back to the client in JetBrains TeamCity versions before 2018.2.5 and UpSource versions before 2018.2 build 1293.

EPSS

Процентиль: 0%

0.00003

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-209