CVE-2019-10101 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	8.1 HIGH	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 1%

Affected Products (NVD)

Vendor	Product	Version
jetbrains	kotlin	𝑥 < 1.3.30

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

kotlin

bookworm	1.3.31+ds1-1 fixed
sid	1.3.31+ds1-1 fixed

Known Exploits!

Common Weakness Enumeration

CWE-319 - Cleartext Transmission of Sensitive Information
The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

References

https://blog.jetbrains.com/blog/2019/06/19/jetbrains-security-bulletin-q1-2019/

https://medium.com/bugbountywriteup/want-to-take-over-the-java-ecosystem-all-you-need-is-a-mitm-1fc329d898fb

https://security.netapp.com/advisory/ntap-20230818-0012/

https://blog.jetbrains.com/blog/2019/06/19/jetbrains-security-bulletin-q1-2019/

https://medium.com/bugbountywriteup/want-to-take-over-the-java-ecosystem-all-you-need-is-a-mitm-1fc329d898fb

https://security.netapp.com/advisory/ntap-20230818-0012/