JetBrains Security Bulletin Q3 2021
In the third quarter of 2021, we resolved a number of security issues in our products. Here’s a summary report that contains a description of each issue and the version in which it was resolved.
| Product | Description | Severity | Resolved in | CVE/CWE |
| --- | --- | --- | --- | --- |
| Datalore | Server version disclosure. Reported by Bharat (DL-9447) | Low | Not applicable | Not applicable |
| Hub | Information disclosure via avatar metadata (HUB-10154) | Low | 2021.1.13690 | CVE-2021-43180 |
| Hub | Potential DOS via user information. Reported by Bharat (HUB-10804) | Low | 2021.1.13415 | CVE-2021-43182 |
| Hub | Stored XSS. Reported by Dmitry Sherstoboev (HUB-10854) | Medium | 2021.1.13690 | CVE-2021-43181 |
| Hub | Authentication throttling mechanism could be bypassed. Reported by Bharat (HUB-10869) | Medium | 2021.1.13690 | CVE-2021-43183 |
| JetBrains Account | Authentication throttling mechanism could be bypassed. Reported by Bharat (JPF-11933) | Medium | 2021.07 | Not applicable |
| Ktor | Improper nonce verification during the OAuth2 authentication process. Reported by Ole Schilling Tjensvold (KTOR-3091) | Medium | 1.6.4 | CVE-2021-43203 |
| Space | Authentication throttling mechanism could be bypassed. Reported by Bharat (SPACE-15282) | Low | Not applicable | Not applicable |
| Space | SSRF disclosing EC2 metadata (SPACE-15666) | High | Not applicable | Not applicable |
| TeamCity Cloud | Session takeover using an open redirect in OAuth integration. Reported by Yurii Sanin (TCC-277) | High | Not applicable | Not applicable |
| TeamCity | User enumeration was possible (TW-70167) | Low | 2021.1.2 | CVE-2021-43194 |
| TeamCity | RCE in agent push functionality. Reported by Eduardo Castellanos (TW-70384) | High | 2021.1.2 | CVE-2021-43193 |
| TeamCity | Information disclosure via the Docker Registry connection dialog (TW-70459) | Medium | 2021.1 | CVE-2021-43196 |
| TeamCity | Some HTTP security headers were missing (TW-71376) | Low | 2021.1.2 | CVE-2021-43195 |
| TeamCity | Email notifications could include unescaped HTML (TW-71981) | Low | 2021.1.2 | CVE-2021-43197 |
| TeamCity | Insufficient permissions checks in create patch functionality (TW-71982) | Low | 2021.1.2 | CVE-2021-43199 |
| TeamCity | Stored XSS (TW-72007) | Low | 2021.1.2 | CVE-2021-43198 |
| TeamCity | Insufficient permissions checks in agent push functionality (TW-72177) | Low | 2021.1.2 | CVE-2021-43200 |
| TeamCity | X-Frame-Options header was missing in some cases (TW-72464) | Low | 2021.1.3 | CVE-2021-43202 |
| TeamCity | A newly created project could take settings from a deleted project (TW-72521) | Medium | 2021.1.3 | CVE-2021-43201 |
| YouTrack Mobile | Client-side caching on iOS (YTM-12961) | Low | 2021.2 | CVE-2021-43187 |
| YouTrack Mobile | Incomplete access token protection on iOS (YTM-12962, YTM-12965, YTM-12966) | Low | 2021.2 | CVE-2021-43188 |
| YouTrack Mobile | Incomplete access token protection on Android (YTM-12964) | Low | 2021.2 | CVE-2021-43189 |
| YouTrack Mobile | Task hijacking on Android (YTM-12967) | Low | 2021.2 | CVE-2021-43190 |
| YouTrack Mobile | iOS URL scheme hijacking (YTM-12968) | Low | 2021.2 | CVE-2021-43192 |
| YouTrack Mobile | Missing security screen on Android and iOS (YTM-12969) | Low | 2021.2 | CVE-2021-43191 |
| YouTrack | Stored XSS (JT-63483) | Low | 2021.3.21051 | CVE-2021-43184 |
| YouTrack | Unsafe EC2 configuration in YouTrack InCloud (JT-63693, JT-63695) | Low | Not applicable | Not applicable |
| YouTrack | Host header injection. Reported by Artem Ivanov (JT-65590) | Medium | 2021.3.23639 | CVE-2021-43185 |
| YouTrack | Stored XSS. Reported by Artem Ivanov (JT-65749) | High | 2021.3.24402 | CVE-2021-43186 |
If you need any further assistance, please contact our Security Team.
Your JetBrains Team