CVE-2019-9186

In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server listens on all interfaces (instead of listening on only the localhost interface). This issue has been fixed in the following versions: 2019.1, 2018.3.4, 2018.2.8, 2018.1.8, and 2017.3.7.
Configurations

Configuration 1

cpe:2.3:a:jetbrains:intellij_idea:*:*:*:*:*:*:*:*
cpe:2.3:a:jetbrains:intellij_idea:*:*:*:*:*:*:*:*
cpe:2.3:a:jetbrains:intellij_idea:*:*:*:*:*:*:*:*
cpe:2.3:a:jetbrains:intellij_idea:*:*:*:*:*:*:*:*

Information

Published : 2019-07-03 07:15

Updated : 2021-07-21 11:39


NVD link : CVE-2019-9186

Mitre link : CVE-2019-9186

Products Affected
No products.
CWE