Vulnerabilities > CVE-2022-25260 - Server-Side Request Forgery (SSRF) vulnerability in Jetbrains HUB

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

NVD

Published: 2022-02-25

Updated: 2022-03-08

Summary

JetBrains Hub before 2021.1.14276 was vulnerable to blind Server-Side Request Forgery (SSRF).

Part	Description	Count
Application	Jetbrains Jetbrains HUB 1.0.648 Jetbrains HUB 1.0.739 Jetbrains HUB 1.0.749 Jetbrains HUB 1.0.770 Jetbrains HUB 1.0.797 Jetbrains HUB 1.0.809 Jetbrains HUB 2.0.182 Jetbrains HUB 2.0.314 Jetbrains HUB 2.5.330 Jetbrains HUB 2.5.359 Jetbrains HUB 2.5.450 Jetbrains HUB 2.5.456 Jetbrains HUB 2017.1 Jetbrains HUB 2017.1.4524 Jetbrains HUB 2017.1.4711 Jetbrains HUB 2017.2 Jetbrains HUB 2017.3 Jetbrains HUB 2017.4 Jetbrains HUB 2018.1 Jetbrains HUB 2018.3 Jetbrains HUB 2018.4.11298 Jetbrains HUB 2018.4.11436 Jetbrains HUB 2019.1 Jetbrains HUB 2019.1.11738 Jetbrains HUB 2020.1.12099 Jetbrains HUB 2020.1.12629 Jetbrains HUB 2020.1.12669 Jetbrains HUB 2021.1.13415 Jetbrains HUB 2021.1.13690	29