JetBrains Urges Urgent Patching for Critical IntelliJ Vulnerability Exposing GitHub Tokens

Jun 12, 2024 | News





JetBrains Warns of Critical Vulnerability in IntelliJ IDEs Exposing GitHub Tokens

JetBrains has issued an urgent advisory for users of its IntelliJ integrated development environment (IDE) applications, highlighting a critical vulnerability that could expose GitHub access tokens. This flaw, tracked as CVE-2024-37051, affects all IntelliJ-based IDEs from version 2023.1 onwards where the JetBrains GitHub plugin is enabled and configured.

The vulnerability was first reported on May 29, 2024, by an external security researcher. Ilya Pleskunin, JetBrains’ security support team lead, explained that the issue involves handling pull requests within the IDE, potentially allowing malicious content in pull requests to expose access tokens to unauthorized third parties.


In response, JetBrains has released security updates addressing this critical flaw in all affected IDE versions from 2023.1 onwards. The company has also patched the vulnerable GitHub plugin and removed all impacted versions from its official plugin marketplace.

The fixed versions for IntelliJ IDEs include:

  • Aqua: 2024.1.2
  • CLion: 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2
  • DataGrip: 2024.1.4
  • DataSpell: 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2
  • GoLand: 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3
  • IntelliJ IDEA: 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3
  • MPS: 2023.2.1, 2023.3.1, 2024.1 EAP2
  • PhpStorm: 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2024.2 EAP3
  • PyCharm: 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.3, 2024.2 EAP2
  • Rider: 2023.1.7, 2023.2.5, 2023.3.6, 2024.1.3
  • RubyMine: 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP4
  • RustRover: 2024.1.1
  • WebStorm: 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.4
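As an added example (not code from the advisory or from JetBrains), the following Python helper classifies an installed IDE build against the fixed versions listed above, comparing only within the same release branch so that a 2023.2 install is judged against the 2023.2 fix rather than a newer branch. How it treats EAP builds, and branches or products absent from the list, is an assumption made here.

```python
import re

# Fixed builds per product, copied from the list above (CVE-2024-37051).
FIXED = {
    "Aqua": ["2024.1.2"],
    "CLion": ["2023.1.7", "2023.2.4", "2023.3.5", "2024.1.3", "2024.2 EAP2"],
    "DataGrip": ["2024.1.4"],
    "DataSpell": ["2023.1.6", "2023.2.7", "2023.3.6", "2024.1.2"],
    "GoLand": ["2023.1.6", "2023.2.7", "2023.3.7", "2024.1.3", "2024.2 EAP3"],
    "IntelliJ IDEA": ["2023.1.7", "2023.2.7", "2023.3.7", "2024.1.3", "2024.2 EAP3"],
    "MPS": ["2023.2.1", "2023.3.1", "2024.1 EAP2"],
    "PhpStorm": ["2023.1.6", "2023.2.6", "2023.3.7", "2024.1.3", "2024.2 EAP3"],
    "PyCharm": ["2023.1.6", "2023.2.7", "2023.3.6", "2024.1.3", "2024.2 EAP2"],
    "Rider": ["2023.1.7", "2023.2.5", "2023.3.6", "2024.1.3"],
    "RubyMine": ["2023.1.7", "2023.2.7", "2023.3.7", "2024.1.3", "2024.2 EAP4"],
    "RustRover": ["2024.1.1"],
    "WebStorm": ["2023.1.6", "2023.2.7", "2023.3.7", "2024.1.4"],
}
AFFECTED_FROM = (2023, 1)  # every IntelliJ-based IDE from 2023.1 onwards

def parse(version):
    """'2023.2.3' -> (2023, 2, 3, None); '2024.2 EAP2' -> (2024, 2, 0, 2)."""
    m = re.fullmatch(r"(\d{4})\.(\d+)(?:\.(\d+))?(?: EAP(\d+))?", version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    year, minor, patch, eap = m.groups()
    return int(year), int(minor), int(patch or 0), int(eap) if eap else None

def status(product, version):
    """Classify an installed build: not affected / patched / vulnerable / unknown."""
    year, minor, patch, eap = parse(version)
    if (year, minor) < AFFECTED_FROM:
        return "not affected"
    # Compare only against the fix on the same release branch (2023.2.x etc.);
    # a 2024.1.3 fix says nothing about a 2023.2 install.
    same_branch = [f for f in map(parse, FIXED.get(product, [])) if f[:2] == (year, minor)]
    if not same_branch:
        return "unknown"          # branch or product not in the published list
    _, _, fix_patch, fix_eap = same_branch[0]
    if fix_eap is not None:       # fix shipped in an EAP build of this branch
        # Assumption: a later EAP, or the final release, carries the fix.
        return "patched" if eap is None or eap >= fix_eap else "vulnerable"
    if eap is not None:           # EAP build on a branch fixed in a GA release:
        return "vulnerable"       # EAPs predate that release, so treat as unpatched
    return "patched" if patch >= fix_patch else "vulnerable"
```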

JetBrains has urged administrators to patch their systems immediately and revoke any GitHub tokens used by the affected plugin to prevent potential unauthorized access.

“In addition to working on a security fix, we contacted GitHub to help minimize the impact,” Pleskunin stated. “Due to the measures implemented during the mitigation process, the JetBrains GitHub plugin may not function as expected in older versions of JetBrains IDEs.”




Patch and Revoke GitHub Tokens

JetBrains also advises customers who have used the GitHub pull request functionality in IntelliJ IDEs to revoke any GitHub tokens linked to the vulnerable plugin. This applies both to tokens issued through the OAuth integration and to Personal Access Tokens (PATs); in the PAT case, the IntelliJ IDEA GitHub integration plugin token should be deleted.

“Please note that after the token has been revoked, you will need to set up the plugin again as all plugin features, including Git operations, will stop working,” Pleskunin added.

Earlier this year, JetBrains warned of another critical vulnerability in its TeamCity On-Premises servers, which allowed attackers to gain admin privileges. Public exploit code for this vulnerability has been available since March.

Users are strongly advised to update their IntelliJ IDEs to the latest versions to ensure the security of their development environments and protect their GitHub accounts from potential exploitation.


Source: bleepingcomputer.com