CVE-2022-48477: SSRF
First published: Mon Apr 24 2023(Updated: )
In JetBrains Hub before 2023.1.15725 SSRF protection in Auth Module integration was missing
Credit: security@jetbrains.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| JetBrains Hub | <2023.1.15725 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this SSRF protection issue in JetBrains Hub?
The vulnerability ID is CVE-2022-48477.
What is the severity rating for this SSRF protection issue in JetBrains Hub?
The severity rating is critical with a CVSS score of 9.8.
What is SSRF protection and why is it important in JetBrains Hub?
SSRF protection is the mitigation technique used to prevent Server-Side Request Forgery attacks, which can lead to unauthorized access to internal resources or sensitive data in JetBrains Hub.
How do I know if my version of JetBrains Hub is affected by this vulnerability?
If your version of JetBrains Hub is before 2023.1.15725, then it is affected by this SSRF protection issue.
How can I fix this SSRF protection issue in JetBrains Hub?
To fix this SSRF protection issue, you should update your JetBrains Hub to version 2023.1.15725 or newer, where the vulnerability has been fixed.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/references
- agent/author
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- vendor/jetbrains
- canonical/jetbrains hub