
JetBrains Security Bulletin 2018 Q1

We have resolved a series of security issues in our products within the first quarter of 2018. Below is a summary of the more important ones, including the description and the version in which they were resolved.

| Product | Description | Severity | Resolved in |
|---|---|---|---|
| dotTrace | dotTrace allowed privilege escalation (PROF-668) | Critical | 2017.1, 2017.2, 2017.3, 2018.1 (see the dotTrace note below) |
| Hub | Limitation of login attempts at hub.jetbrains.com was disabled (JPS-7627) | Low | 2018.1.9041 |
| Hub | It was possible to obtain a new access token for a banned user (JPS-7553) | Low | 2017.4.8440 |
| IntelliJ IDEA | YourKit profiler port was available externally in EAP builds for Linux (IDEA-184795) | Low | 2018.1 (181.4203.550) |
| JetProfile | Privilege escalation was possible for JetBrains Account activity log (JPF-7437) | Moderate | N/A |
| JetProfile | Valid password links might remain upon password reset (JPF-7335) | Low | N/A |
| TeamCity | VCS preview allowed XSS attack (TW-54027) | Note | 2017.2.3 (51047) |
| TeamCity | Data Directory preview allowed XSS attack (TW-54021) | Low | 2017.2.3 (51047) |
| TeamCity | vmWare plugin settings allowed XSS attack (TW-53984) | High | 2017.2.3 (51047) |
| TeamCity | VCS settings allowed XSS attack (TW-53943, TW-53978) | High | 2017.2.3 (51047) |
| TeamCity | Authentication bypass was possible with certain Windows server configuration (TW-53507) | Moderate | 2017.2.2 (50909) |
| TeamCity | Project administrator could run arbitrary code (TW-50054) | High | 2017.2.2 (50909) |
| TeamCity | Build fields allowed XSS attack (TW-53466) | Moderate | 2017.2.2 (50909) |
| TeamCity | Multiple XSS vulnerabilities (reported by Viktor Gazdag of NCC Group) (TW-53442) | High | 2017.2.2 (50909) |
| TeamCity | JavaScript injection to Azure ARM plugin settings was possible (TW-53986) | Moderate | N/A |
| Upsource | Multiple XSS vulnerabilities (reported by Viktor Gazdag of NCC Group) (UP-9606) | Moderate | 2017.3.2888 |
| YouTrack | RSS feed allowed unauthorized access to comments with certain configuration (JT-46375) | Moderate | 2018.1.40341 |
| YouTrack | REST API allowed unauthorized access to attachments of hidden comments (JT-46004) | Moderate | 2018.1.40341 |
| YouTrack | RSS feed allowed unauthorized access to issues list with certain configuration (JT-46159) | High | 2018.1.40066 |
| YouTrack | Custom fields allowed privilege escalation for guest user account (JT-46115) | Moderate | 2018.1.40025 |
| YouTrack | Issue linking permission bypassing was available via “Create issue linked as…” (JT-25321) | Moderate | 2017.4.39533 |
| YouTrack | Unauthorized access to issue content was possible even if guest user access was restricted in the bundle installer (JT-45284) | Low | 2017.4.39083 |
| YouTrack | Activity records for private fields were available to users with read-only permissions (JT-45282) | Moderate | 2017.4.39083 |

dotTrace note (PROF-668): for dotTrace 2017.1 and 2017.2, apply the appropriate EtwService.msi for your platform:
- dotTrace 2017.1: Windows x86 or Windows x64
- dotTrace 2017.2: Windows x86 or Windows x64

If you need any further assistance, please contact our Support Team.

Subscribe to receive the bulletin in your mailbox.

Your JetBrains Team
The Drive to Develop
