Vulnerabilities > Jetbrains > HUB > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-02-03 CVE-2021-25760 Unspecified vulnerability in Jetbrains HUB
In JetBrains Hub before 2020.1.12669, information disclosure via the public API was possible.
network
low complexity
jetbrains
5.3
2021-02-03 CVE-2021-25759 Unspecified vulnerability in Jetbrains HUB
In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other user.
network
low complexity
jetbrains
6.5
2021-02-03 CVE-2021-25757 Open Redirect vulnerability in Jetbrains HUB
In JetBrains Hub before 2020.1.12629, an open redirect was possible.
network
low complexity
jetbrains CWE-601
6.1
2019-10-31 CVE-2019-18360 Unspecified vulnerability in Jetbrains HUB
In JetBrains Hub versions earlier than 2019.1.11738, username enumeration was possible through password recovery.
network
low complexity
jetbrains
5.3
2019-10-01 CVE-2019-14955 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Jetbrains HUB
In JetBrains Hub versions earlier than 2018.4.11436, there was no option to force a user to change the password and no password expiration policy was implemented.
network
low complexity
jetbrains CWE-640
5.3