CVE-2024-50573 MEDIUM

CVE-2024-50573

Vendor Jetbrains
Product Hub
Weakness CWE-862 · Missing authorization
Published October 28, 2024
Last update October 28, 2024
View on NVD All CVEs

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

In JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized services

Key dates

02Disclosure timeline

October 28, 2024 CVE published
October 28, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2023-27449 WordPress Total Poll Lite plugin <= 4.8.6 - Broken Access Control vulnerability CVE-2018-7688 Open Build Service accepts arbitrary reviews CVE-2026-6506 InfusedWoo Pro <= 5.1.2 - Authenticated (Subscriber+) Missing Authorization to Privilege Escalation via Arbitrary User Meta Update CVE-2025-24725 WordPress Thim Elementor Kit Plugin <= 1.2.8 - Broken Access Control vulnerability CVE-2024-1587 Newsmatic <= 1.3.4 - Unauthenticated Information Exposure via newsmatic_filter_posts_load_tab_content