ID CVE-2020-25207
Summary JetBrains ToolBox before version 1.18 is vulnerable to Remote Code Execution via a browser protocol handler.
References
Vulnerable Configurations
  • cpe:2.3:a:jetbrains:toolbox:-:*:*:*:*:*:*:*
    cpe:2.3:a:jetbrains:toolbox:-:*:*:*:*:*:*:*
  • cpe:2.3:a:jetbrains:toolbox:1.0:-:*:*:*:*:*:*
    cpe:2.3:a:jetbrains:toolbox:1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:jetbrains:toolbox:1.0:beta:*:*:*:*:*:*
    cpe:2.3:a:jetbrains:toolbox:1.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:jetbrains:toolbox:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:jetbrains:toolbox:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:jetbrains:toolbox:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:jetbrains:toolbox:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:jetbrains:toolbox:1.11:*:*:*:*:*:*:*
    cpe:2.3:a:jetbrains:toolbox:1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:jetbrains:toolbox:1.13:*:*:*:*:*:*:*
    cpe:2.3:a:jetbrains:toolbox:1.13:*:*:*:*:*:*:*
  • cpe:2.3:a:jetbrains:toolbox:1.14:*:*:*:*:*:*:*
    cpe:2.3:a:jetbrains:toolbox:1.14:*:*:*:*:*:*:*
  • cpe:2.3:a:jetbrains:toolbox:1.15:*:*:*:*:*:*:*
    cpe:2.3:a:jetbrains:toolbox:1.15:*:*:*:*:*:*:*
  • cpe:2.3:a:jetbrains:toolbox:1.15.5605:*:*:*:*:*:*:*
    cpe:2.3:a:jetbrains:toolbox:1.15.5605:*:*:*:*:*:*:*
  • cpe:2.3:a:jetbrains:toolbox:1.15.5666:*:*:*:*:windows:*:*
    cpe:2.3:a:jetbrains:toolbox:1.15.5666:*:*:*:*:windows:*:*
  • cpe:2.3:a:jetbrains:toolbox:1.17:*:*:*:*:*:*:*
    cpe:2.3:a:jetbrains:toolbox:1.17:*:*:*:*:*:*:*
  • cpe:2.3:a:jetbrains:toolbox:1.17.6802:*:*:*:*:*:*:*
    cpe:2.3:a:jetbrains:toolbox:1.17.6802:*:*:*:*:*:*:*
  • cpe:2.3:a:jetbrains:toolbox:1.17.6856:*:*:*:*:*:*:*
    cpe:2.3:a:jetbrains:toolbox:1.17.6856:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 21-11-2020 - 02:36)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
Last major update 21-11-2020 - 02:36
Published 16-11-2020 - 15:15
Last modified 21-11-2020 - 02:36
Back to Top