Vulnerability Description
In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access.
CVSS Score
6.5
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jetbrains | Youtrack | < 2019.1.65514 |
References
- https://blog.jetbrains.comVendor Advisory
- https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/Vendor Advisory
- https://youtrack.jetbrains.com/issue/JT-59265Vendor Advisory
- https://blog.jetbrains.comVendor Advisory
- https://blog.jetbrains.com/2020/11/16/jetbrains-security-bulletin-q3-2020/Vendor Advisory
- https://youtrack.jetbrains.com/issue/JT-59265Vendor Advisory
FAQ
What is CVE-2020-24618?
CVE-2020-24618 is a vulnerability with a CVSS score of 6.5 (MEDIUM). In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access.
How severe is CVE-2020-24618?
CVE-2020-24618 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-24618?
Check the references section above for vendor advisories and patch information. Affected products include: Jetbrains Youtrack.