Vulnerabilities > CVE-2021-25758 - Deserialization of Untrusted Data vulnerability in Jetbrains Intellij Idea

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

jetbrains

CWE-502

NVD

Published: 2021-02-03

Updated: 2021-12-10

Summary

In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace model could lead to local code execution.

Vulnerable Configurations

Part	Description	Count
Application	Jetbrains Jetbrains Intellij Idea - Jetbrains Intellij Idea 9.0.3 Jetbrains Intellij Idea 9.0.4 Jetbrains Intellij Idea 10.5.2 Jetbrains Intellij Idea 11.0 Jetbrains Intellij Idea 11.0.1 Jetbrains Intellij Idea 11.0.2 Jetbrains Intellij Idea 11.1 Jetbrains Intellij Idea 11.1.1 Jetbrains Intellij Idea 11.1.2 Jetbrains Intellij Idea 11.1.3 Jetbrains Intellij Idea 11.1.4 Jetbrains Intellij Idea 11.1.5 Jetbrains Intellij Idea 12.0 Jetbrains Intellij Idea 12.0.1 Jetbrains Intellij Idea 12.0.2 Jetbrains Intellij Idea 12.0.3 Jetbrains Intellij Idea 12.0.4 Jetbrains Intellij Idea 12.1 Jetbrains Intellij Idea 12.1.1 Jetbrains Intellij Idea 12.1.2 Jetbrains Intellij Idea 12.1.3 Jetbrains Intellij Idea 12.1.4 Jetbrains Intellij Idea 12.1.5 Jetbrains Intellij Idea 12.1.6 Jetbrains Intellij Idea 12.1.7 Jetbrains Intellij Idea 12.1.8 Jetbrains Intellij Idea 13.0 Jetbrains Intellij Idea 13.0.1 Jetbrains Intellij Idea 13.0.2 Jetbrains Intellij Idea 13.0.3 Jetbrains Intellij Idea 13.0.4 Jetbrains Intellij Idea 13.0.5 Jetbrains Intellij Idea 13.1 Jetbrains Intellij Idea 13.1.1 Jetbrains Intellij Idea 13.1.2 Jetbrains Intellij Idea 13.1.3 Jetbrains Intellij Idea 13.1.4 Jetbrains Intellij Idea 13.1.5 Jetbrains Intellij Idea 13.1.6 Jetbrains Intellij Idea 13.1.7 Jetbrains Intellij Idea 14.0 Jetbrains Intellij Idea 14.0.1 Jetbrains Intellij Idea 14.0.2 Jetbrains Intellij Idea 14.0.3 Jetbrains Intellij Idea 14.0.4 Jetbrains Intellij Idea 14.0.5 Jetbrains Intellij Idea 14.1 Jetbrains Intellij Idea 14.1.1 Jetbrains Intellij Idea 14.1.2 Jetbrains Intellij Idea 14.1.3 Jetbrains Intellij Idea 14.1.4 Jetbrains Intellij Idea 14.1.5 Jetbrains Intellij Idea 14.1.6 Jetbrains Intellij Idea 14.1.7 Jetbrains Intellij Idea 15.0 Jetbrains Intellij Idea 15.0.1 Jetbrains Intellij Idea 15.0.2 Jetbrains Intellij Idea 15.0.3 Jetbrains Intellij Idea 15.0.4 Jetbrains Intellij Idea 15.0.5 Jetbrains Intellij Idea 15.0.6 Jetbrains Intellij Idea 2016.1 Jetbrains Intellij Idea 2016.1.1 Jetbrains Intellij Idea 2016.1.2 Jetbrains Intellij Idea 2016.1.3 Jetbrains Intellij Idea 2016.1.4 Jetbrains Intellij Idea 2016.2 Jetbrains Intellij Idea 2016.2.1 Jetbrains Intellij Idea 2016.2.2 Jetbrains Intellij Idea 2016.2.3 Jetbrains Intellij Idea 2016.2.4 Jetbrains Intellij Idea 2016.2.5 Jetbrains Intellij Idea 2016.3 Jetbrains Intellij Idea 2016.3.2 Jetbrains Intellij Idea 2016.3.3 Jetbrains Intellij Idea 2016.3.4 Jetbrains Intellij Idea 2016.3.5 Jetbrains Intellij Idea 2016.3.6 Jetbrains Intellij Idea 2016.3.7 Jetbrains Intellij Idea 2016.3.8 Jetbrains Intellij Idea 2017.1 Jetbrains Intellij Idea 2017.1.1 Jetbrains Intellij Idea 2017.1.2 Jetbrains Intellij Idea 2017.1.3 Jetbrains Intellij Idea 2017.1.4 Jetbrains Intellij Idea 2017.1.5 Jetbrains Intellij Idea 2017.1.6 Jetbrains Intellij Idea 2017.2 Jetbrains Intellij Idea 2017.2.1 Jetbrains Intellij Idea 2017.2.2 Jetbrains Intellij Idea 2017.2.3 Jetbrains Intellij Idea 2017.2.4 Jetbrains Intellij Idea 2017.2.5 Jetbrains Intellij Idea 2017.2.6 Jetbrains Intellij Idea 2017.2.7 Jetbrains Intellij Idea 2017.3 Jetbrains Intellij Idea 2017.3.1 Jetbrains Intellij Idea 2017.3.2 Jetbrains Intellij Idea 2017.3.3 Jetbrains Intellij Idea 2017.3.4 Jetbrains Intellij Idea 2017.3.5 Jetbrains Intellij Idea 2017.3.6 Jetbrains Intellij Idea 2017.3.7 Jetbrains Intellij Idea 2018.1 Jetbrains Intellij Idea 2018.1.1 Jetbrains Intellij Idea 2018.1.2 Jetbrains Intellij Idea 2018.1.3 Jetbrains Intellij Idea 2018.1.4 Jetbrains Intellij Idea 2018.1.5 Jetbrains Intellij Idea 2018.1.6 Jetbrains Intellij Idea 2018.1.7 Jetbrains Intellij Idea 2018.1.8 Jetbrains Intellij Idea 2018.2 Jetbrains Intellij Idea 2018.2.1 Jetbrains Intellij Idea 2018.2.2 Jetbrains Intellij Idea 2018.2.3 Jetbrains Intellij Idea 2018.2.4 Jetbrains Intellij Idea 2018.2.5 Jetbrains Intellij Idea 2018.2.6 Jetbrains Intellij Idea 2018.2.7 Jetbrains Intellij Idea 2018.2.8 Jetbrains Intellij Idea 2018.3 Jetbrains Intellij Idea 2018.3.1 Jetbrains Intellij Idea 2018.3.2 Jetbrains Intellij Idea 2018.3.3 Jetbrains Intellij Idea 2018.3.4 Jetbrains Intellij Idea 2018.3.5 Jetbrains Intellij Idea 2018.3.6 Jetbrains Intellij Idea 2019.1 Jetbrains Intellij Idea 2019.1.1 Jetbrains Intellij Idea 2019.1.2 Jetbrains Intellij Idea 2019.1.3 Jetbrains Intellij Idea 2019.1.4 Jetbrains Intellij Idea 2019.2 Jetbrains Intellij Idea 2019.2.1 Jetbrains Intellij Idea 2019.2.2 Jetbrains Intellij Idea 2019.2.3 Jetbrains Intellij Idea 2019.2.4 Jetbrains Intellij Idea 2019.3 Jetbrains Intellij Idea 2019.3.0 Jetbrains Intellij Idea 2019.3.3 Jetbrains Intellij Idea 2019.3.4 Jetbrains Intellij Idea 2020.1 Jetbrains Intellij Idea 2020.2	145

Common Weakness Enumeration (CWE)

CWE-502 - Deserialization of Untrusted Data

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References