CVE-2019-10103 — HIGH (8.1)

Q: How severe is CVE-2019-10103?

CVE-2019-10103 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-10103?

Check the references section above for vendor advisories and patch information. Affected products include: Jetbrains Kotlin.

Vulnerability Description

JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template were resolving Gradle artifacts using an http connection, potentially allowing an MITM attack. This issue, which was fixed in Kotlin plugin version 1.3.30, is similar to CVE-2019-10101.

CVSS Score

8.1

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Jetbrains	Kotlin	< 1.3.30

Related Weaknesses (CWE)

CWE-311

References

FAQ

What is CVE-2019-10103?

CVE-2019-10103 is a vulnerability with a CVSS score of 8.1 (HIGH). JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template were resolving Gradle artifacts using an http connection, potentially allowing an MITM attack. This issue,...

How severe is CVE-2019-10103?

CVE-2019-10103 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-10103?

Check the references section above for vendor advisories and patch information. Affected products include: Jetbrains Kotlin.