Vulnerabilities > CVE-2019-14957 - Insecure Storage of Sensitive Information vulnerability in Jetbrains VIM

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
jetbrains
CWE-922

Summary

The JetBrains Vim plugin before version 0.52 was storing individual project data in the global vim_settings.xml file. This xml file could be synchronized to a publicly accessible GitHub repository.

Common Weakness Enumeration (CWE)