CVE-2025-68269
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-12-16
Last updated on: 2025-12-23
Assigner: JetBrains s.r.o.
Description
Description
In JetBrains IntelliJ IDEA before 2025.3 missing confirmation allowed opening of untrusted remote projects over SSH
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| jetbrains | intellij_idea | to 2025.3 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-349 | The product, when processing trusted data, accepts any untrusted data that is also included with the trusted data, treating the untrusted data as if it were trusted. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in JetBrains IntelliJ IDEA versions before 2025.3 involves a missing confirmation step that allows the software to open untrusted remote projects over SSH without user approval.
How can this vulnerability impact me? :
The vulnerability can lead to the unintentional opening of untrusted remote projects, potentially exposing the user to malicious code or data, which could compromise confidentiality and integrity of information.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70