CVE-2019-9873
First published: Wed Jul 03 2019(Updated: )
In several versions of JetBrains IntelliJ IDEA Ultimate, creating Task Servers configurations leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. The issue has been fixed in the following versions: 2019.1, 2018.3.5, 2018.2.8, and 2018.1.8.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| JetBrains IntelliJ IDEA | <2019.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2019-9873.
What is the severity of CVE-2019-9873?
CVE-2019-9873 has a severity rating of 9.8 (Critical).
How does this vulnerability occur?
This vulnerability occurs when creating Task Servers configurations in several versions of JetBrains IntelliJ IDEA Ultimate.
What is the impact of CVE-2019-9873?
The impact of CVE-2019-9873 is the saving of a cleartext unencrypted record of server credentials in the IDE configuration files.
Which versions of JetBrains IntelliJ IDEA Ultimate are affected?
The affected versions of JetBrains IntelliJ IDEA Ultimate include 2019.1, 2018.3.5, 2018.2.8, and 2018.1.8.
How can I fix this vulnerability?
To fix this vulnerability, update to the fixed versions of JetBrains IntelliJ IDEA Ultimate: 2019.1, 2018.3.5, 2018.2.8, or 2018.1.8.
- collector/nvd-index
- agent/softwarecombine
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/last-modified-date
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- agent/source
- vendor/jetbrains
- canonical/jetbrains intellij idea