In several JetBrains IntelliJ IDEA versions, creating remote run configurations of JavaEE application servers leads to saving a cleartext record of the server credentials in the IDE configuration files. The issue has been fixed in the following versions: 2018.3.5, 2018.2.8, 2018.1.8.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HJetbrains Intellij Idea
APPJetbrains2018.1 – 2018.1.8 (bez)2018.2 – 2018.2.8 (bez)2018.3 – 2018.3.5 (bez)
Related vulnerabilities
Wyciek tokenu GitHub do stron trzecich w JetBrains IDE
JetBrains IntelliJ IDEA 2021.3.1 Preview, IntelliJ IDEA 2021.3.1 RC, PyCharm Professional 2021.3.1 RC, GoLand ...
In JetBrains IntelliJ IDEA before 2020.1, the license server could be resolved to an untrusted host in some ca...
In several versions of JetBrains IntelliJ IDEA Ultimate, creating Task Servers configurations leads to saving ...
In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed ...