CVE-2020-24618

In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access.

Published: Aug 27, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-24618
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
jetbrains / youtrack	2020.3	2020.3.4313
jetbrains / youtrack	-	2019.1.65514
jetbrains / youtrack	2020.2	2020.2.11008
jetbrains / youtrack	2019.3	2019.3.65516
jetbrains / youtrack	2020.1	2020.1.11011
jetbrains / youtrack	2019.2.0	2019.2.65515

https://blog.jetbrains.com
https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/
https://youtrack.jetbrains.com/issue/JT-59265

Vulnerability Database

290,278

CVE-2020-24618