3.5
CVE-2022-29820
- EPSS 0%
- Veröffentlicht 28.04.2022 10:15:08
- Zuletzt bearbeitet 21.11.2024 06:59:44
- Quelle cve@jetbrains.com
- Teams Watchlist Login
- Unerledigt Login
In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0% | 0 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.5 | 2.1 | 1.4 |
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 3.3 | 6.5 | 2.9 |
AV:A/AC:L/Au:N/C:P/I:N/A:N
|
| cve@jetbrains.com | 3 | 1.5 | 1.4 |
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
|
CWE-1327 Binding to an Unrestricted IP Address
The product assigns the address 0.0.0.0 for a database server, a cloud service/instance, or any computing resource that communicates remotely.
CWE-668 Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.