Vulnerabilities > CVE-2024-50573 - Missing Authorization vulnerability in Jetbrains HUB

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

NVD

Published: 2024-10-28

Updated: 2024-10-29

Summary

In JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized services

Part	Description	Count
Application	Jetbrains Jetbrains HUB 1.0.648 Jetbrains HUB 1.0.739 Jetbrains HUB 1.0.749 Jetbrains HUB 1.0.770 Jetbrains HUB 1.0.797 Jetbrains HUB 1.0.809 Jetbrains HUB 2.0.182 Jetbrains HUB 2.0.314 Jetbrains HUB 2.5.330 Jetbrains HUB 2.5.359 Jetbrains HUB 2.5.450 Jetbrains HUB 2.5.456 Jetbrains HUB 2017.1 Jetbrains HUB 2017.1.4524 Jetbrains HUB 2017.1.4711 Jetbrains HUB 2017.2 Jetbrains HUB 2017.3 Jetbrains HUB 2017.4 Jetbrains HUB 2018.1 Jetbrains HUB 2018.3 Jetbrains HUB 2018.4.11298 Jetbrains HUB 2018.4.11436 Jetbrains HUB 2019.1 Jetbrains HUB 2019.1.11738 Jetbrains HUB 2020.1.12099 Jetbrains HUB 2020.1.12629 Jetbrains HUB 2020.1.12669 Jetbrains HUB 2021.1.13415 Jetbrains HUB 2021.1.13690 Jetbrains HUB 2022.1.14638 Jetbrains HUB 2022.1.15583 Jetbrains HUB 2022.2 Jetbrains HUB 2022.2.14799 Jetbrains HUB 2022.2.15572 Jetbrains HUB 2022.3 Jetbrains HUB 2022.3.15573 Jetbrains HUB 2023.1.15725	37