CVE-2021-45977

Summary

CVE	CVE-2021-45977
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-02-25 15:15:00 UTC
Updated	2022-03-08 15:58:00 UTC
Description	JetBrains IntelliJ IDEA 2021.3.1 Preview, IntelliJ IDEA 2021.3.1 RC, PyCharm Professional 2021.3.1 RC, GoLand 2021.3.1, PhpStorm 2021.3.1 Preview, PhpStorm 2021.3.1 RC, RubyMine 2021.3.1 Preview, RubyMine 2021.3.1 RC, CLion 2021.3.1, WebStorm 2021.3.1 Preview, and WebStorm 2021.3.1 RC (used as Remote Development backend IDEs) bind to the 0.0.0.0 IP address. The fixed versions are: IntelliJ IDEA 2021.3.1, PyCharm Professional 2021.3.1, GoLand 2021.3.2, PhpStorm 2021.3.1 (213.6461.83), RubyMine 2021.3.1, CLion 2021.3.2, and WebStorm 2021.3.1.

Risk And Classification

Problem Types: NVD-CWE-noinfo

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Jetbrains	Clion	2021.3.1	All	All	All
Application	Jetbrains	Goland	2021.3.1	All	All	All
Application	Jetbrains	Intellij Idea	2021.3.1	preview	All	All
Application	Jetbrains	Intellij Idea	2021.3.1	rc	All	All
Application	Jetbrains	Phpstorm	2021.3.1	preview	All	All
Application	Jetbrains	Phpstorm	2021.3.1	rc	All	All
Application	Jetbrains	Pycharm	2021.3.1	2021.3.1	All	All
Application	Jetbrains	Rubymine	2021.3.1	preview	All	All
Application	Jetbrains	Rubymine	2021.3.1	rc	All	All
Application	Jetbrains	Webstorm	2021.3.1	preview	All	All
Application	Jetbrains	Webstorm	2021.3.1	rc	All	All

References

Reference	Source	Link	Tags
JetBrains Security Bulletin Q4 2021 \| JetBrains News	MISC	blog.jetbrains.com
JetBrains: Essential tools for software developers and teams	MISC	jetbrains.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.