CVE-2023-51655 - OpenCVE

In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via a malicious plugin repository specified in the project configuration

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Jetbrains	Intellij Idea

Configuration 1 [-]

cpe:2.3:a:jetbrains:intellij_idea:*:*:*:*:*:*:*:*

References

Link	Resource
https://www.jetbrains.com/privacy-security/issues-fixed/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: JetBrains

Published: 2023-12-21T09:57:04.395Z

Updated: 2023-12-21T09:57:04.395Z

Reserved: 2023-12-21T09:56:59.233Z

Link: CVE-2023-51655

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-12-21T10:15:36.850

Modified: 2023-12-29T16:50:16.837

Link: CVE-2023-51655

JSON object: View

Redhat Information

No data.

CWE