Server metadata could be exposed because one of the error messages reflected the whole response back to the client in JetBrains TeamCity versions before 2018.2.5 and UpSource versions before 2018.2 build 1293.
References
Link | Resource |
---|---|
https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/ | Vendor Advisory |
https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/ | Vendor Advisory |
Configurations
History
21 Nov 2024, 04:22
Type | Values Removed | Values Added |
---|---|---|
References | () https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/ - Vendor Advisory |
Information
Published : 2019-10-02 19:15
Updated : 2024-11-21 04:22
NVD link : CVE-2019-12156
Mitre link : CVE-2019-12156
CVE.ORG link : CVE-2019-12156
JSON object : View
Products Affected
jetbrains
- upsource
CWE
CWE-209
Generation of Error Message Containing Sensitive Information