Vulnerabilities > CVE-2022-48477 - Server-Side Request Forgery (SSRF) vulnerability in Jetbrains HUB

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

critical

NVD

Published: 2023-04-24

Updated: 2023-05-02

Summary

In JetBrains Hub before 2023.1.15725 SSRF protection in Auth Module integration was missing

Part	Description	Count
Application	Jetbrains Jetbrains HUB 1.0.648 Jetbrains HUB 1.0.739 Jetbrains HUB 1.0.749 Jetbrains HUB 1.0.770 Jetbrains HUB 1.0.797 Jetbrains HUB 1.0.809 Jetbrains HUB 2.0.182 Jetbrains HUB 2.0.314 Jetbrains HUB 2.5.330 Jetbrains HUB 2.5.359 Jetbrains HUB 2.5.450 Jetbrains HUB 2.5.456 Jetbrains HUB 2017.1 Jetbrains HUB 2017.1.4524 Jetbrains HUB 2017.1.4711 Jetbrains HUB 2017.2 Jetbrains HUB 2017.3 Jetbrains HUB 2017.4 Jetbrains HUB 2018.1 Jetbrains HUB 2018.3 Jetbrains HUB 2018.4.11298 Jetbrains HUB 2018.4.11436 Jetbrains HUB 2019.1 Jetbrains HUB 2019.1.11738 Jetbrains HUB 2020.1.12099 Jetbrains HUB 2020.1.12629 Jetbrains HUB 2020.1.12669 Jetbrains HUB 2021.1.13415 Jetbrains HUB 2021.1.13690 Jetbrains HUB 2022.1.14638 Jetbrains HUB 2022.1.15583 Jetbrains HUB 2022.2 Jetbrains HUB 2022.2.14799 Jetbrains HUB 2022.2.15572 Jetbrains HUB 2022.3 Jetbrains HUB 2022.3.15573	36