Vulnerability Database

300,830

Total vulnerabilities in the database

CVE-2019-12157

In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands.

  • Published: Oct 2, 2019
  • Updated: Nov 9, 2025
  • CVE: CVE-2019-12157
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
jetbrains / teamcity - 2018.2.5
jetbrains / upsource 2018.2-build_1141 2018.2-build_1141.x
jetbrains / upsource 2018.2-build_1154 2018.2-build_1154.x
jetbrains / upsource 2018.2-build_1291 2018.2-build_1291.x
jetbrains / upsource 2018.2-build_1013 2018.2-build_1013.x
jetbrains / upsource - 2018.2.x