AppCode
CLion
DataGrip
GoLand
IntelliJ IDEA
MPS
PhpStorm
PyCharm
Rider
RubyMine
WebStorm
Toolbox App
.NET Tools
ReSharper C++
Space
TeamCity
Upsource
YouTrack
HubJetBrains Security Bulletin 2018 Q1
Posted on by
We have resolved a series of security issues in our products within the first quarter of 2018. Below is a summary of the more important ones, including the description and the version in which they were resolved.
| Product | Description | Severity | Resolved in |
| dotTrace | dotTrace allowed privilege escalation (PROF-668) | Critical | 2017.1, 2017.2, 2017.3, 2018.1
For 2017.1 and 2017.2, please apply the appropriate EtwService.msi: |
| Hub | Limitation of login attempts at hub.jetbrains.com was disabled (JPS-7627) | Low | 2018.1.9041 |
| Hub | It was possible to obtain a new access token for a banned user (JPS-7553) | Low | 2017.4.8440 |
| IntelliJ IDEA | YourKit profiler port was available externally in EAP builds for Linux (IDEA-184795) | Low | 2018.1 (181.4203.550) |
| JetProfile | Privilege escalation was possible for JetBrains Account activity log (JPF-7437) | Moderate | N/A |
| JetProfile | Valid password links might remain upon password reset (JPF-7335) | Low | N/A |
| TeamCity | VCS preview allowed XSS attack (TW-54027) | Note | 2017.2.3 (51047) |
| TeamCity | Data Directory preview allowed XSS attack (TW-54021) | Low | 2017.2.3 (51047) |
| TeamCity | vmWare plugin settings allowed XSS attack (TW-53984) | High | 2017.2.3 (51047) |
| TeamCity | VCS settings allowed XSS attack (TW-53943, TW-53978) | High | 2017.2.3 (51047) |
| TeamCity | Authentication bypass was possible with certain Windows server configuration (TW-53507) | Moderate | 2017.2.2 (50909) |
| TeamCity | Project administrator could run arbitrary code (TW-50054) | High | 2017.2.2 (50909) |
| TeamCity | Build fields allowed XSS attack (TW-53466) | Moderate | 2017.2.2 (50909) |
| TeamCity | Multiple XSS vulnerabilities (reported by Viktor Gazdag of NCC Group) (TW-53442) | High | 2017.2.2 (50909) |
| TeamCity | JavaScript injection to Azure ARM plugin settings was possible (TW-53986) | Moderate | N/A |
| Upsource | Multiple XSS vulnerabilities (Reported by Viktor Gazdag of NCC Group) (UP-9606) | Moderate | 2017.3.2888 |
| YouTrack | RSS feed allowed unauthorized access to comments with certain configuration (JT-46375) | Moderate | 2018.1.40341 |
| YouTrack | REST API allowed unauthorized access to attachments of hidden comments (JT-46004) | Moderate | 2018.1.40341 |
| YouTrack | RSS feed allowed unauthorized access to issues list with certain configuration (JT-46159) | High | 2018.1.40066 |
| YouTrack | Custom fields allowed privilege escalation for guest user account (JT-46115) | Moderate | 2018.1.40025 |
| YouTrack | Issue linking permission bypassing was available via “Create issue linked as…” (JT-25321) | Moderate | 2017.4.39533 |
| YouTrack | Unauthorized access to issue content was possible even if guest user access was restricted in the bundle installer (JT-45284) | Low | 2017.4.39083 |
| YouTrack | Activity records for private fields were available to users with read-only permissions (JT-45282) | Moderate | 2017.4.39083 |
If you need any further assistance, please contact our Support Team.
Subscribe to receive the bulletin in your mailbox.
Your JetBrains Team
The Drive to Develop
Comments below can no longer be edited.
Oddbjørn Bakke says:
April 30, 2018Thank you for sharing. 🙂
But, ‘Below is a summary of the more important ones’. Is there any good and simplified overview like the one above for the less important ones?
Eugene Toporov says:
May 4, 2018Hi Oddbjørn,
Less important are those that were found and resolved within the product development phase before releasing them to users. As they don’t affect external users of our products, we don’t make them publicly available.