
CVE-2024-37051 PoC — JetBrains: security vulnerability in multiple integrated development environments

Source
Associated Vulnerability
Title: JetBrains multiple integrated development environments security vulnerability (CVE-2024-37051)
Description: JetBrains IntelliJ IDEA and related products are made by the Czech company JetBrains. JetBrains IntelliJ IDEA is an integrated development environment for the Java language. JetBrains PyCharm is an integrated development environment (IDE) for the Python language. JetBrains PhpStorm is an application. Multiple JetBrains products contain a security vulnerability caused by a GitHub access token that may be exposed to third-party websites. The following products are affected: JetBrains IntelliJ IDEA, Aqua, CLion, DataGrip
Description
Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051)
Readme
# CVE-2024-37051 Analysis

## Overview
CVE-2024-37051 is a vulnerability in JetBrains' IntelliJ-based IDEs, located in the bundled GitHub plugin. When a malicious pull request (PR) is loaded in the IDE, the user's GitHub access token can be disclosed to a third party.

## Technical Details
The exposure happens while the IDE renders the PR. Content in a malicious PR can cause the plugin to issue a request that carries the user's GitHub token to a URL chosen by the attacker. The fix adds host validation so that the token is attached only to requests bound for the authorized GitHub host(s); any other destination receives no credential.
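The host check described above, as an added example that is not code from the JetBrains GitHub plugin or from the original PoC: a naive request path that attaches the stored token to whatever URL the rendered PR content points at, next to a hardened version that attaches it only when the URL is https and its host is in the configured set of GitHub hosts. The token value, the host set and the sample URLs are constructed for the demo; the real plugin's request code and the exact trigger inside the PR are not shown on this page.

```python
from urllib.parse import urlsplit

# Constructed for the example: not a real credential, not the real plugin config.
TOKEN = "ghp_EXAMPLE_TOKEN_NOT_REAL"
ALLOWED_HOSTS = {"github.com", "api.github.com"}


def vulnerable_request_headers(url: str) -> dict:
    """Vulnerable pattern: the stored token is attached to every outgoing
    request, regardless of where the URL in the PR content points."""
    return {"Authorization": f"Bearer {TOKEN}"}


def is_trusted_host(url: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Host validation: require https and an exact match of the parsed host
    against the allow-list. urlsplit().hostname lowercases the host and strips
    userinfo ('github.com@evil') and port, so those tricks do not help an attacker.
    Suffix tricks ('github.com.evil') fail because the match is exact, not 'endswith'."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        return False
    host = parts.hostname
    return host is not None and host in allowed_hosts


def hardened_request_headers(url: str) -> dict:
    """Patched pattern: the token is only attached for allow-listed GitHub hosts."""
    if not is_trusted_host(url):
        return {}
    return {"Authorization": f"Bearer {TOKEN}"}


def token_leaks(headers_fn, url: str) -> bool:
    """True if the request built for `url` would carry the token."""
    return TOKEN in headers_fn(url).get("Authorization", "")


# Constructed sample URLs a malicious PR body might reference.
SAMPLE_URLS = [
    "https://api.github.com/repos/org/repo/pulls/1",  # legitimate
    "https://attacker.example/collect",               # plain exfil host
    "https://github.com@attacker.example/collect",    # userinfo trick
    "https://github.com.attacker.example/collect",    # suffix trick
    "http://github.com/org/repo",                      # downgrade to http
]


def leak_report() -> dict:
    """Map each sample URL to (leaks_with_vulnerable_code, leaks_with_hardened_code)."""
    return {
        url: (token_leaks(vulnerable_request_headers, url),
              token_leaks(hardened_request_headers, url))
        for url in SAMPLE_URLS
    }


if __name__ == "__main__":
    for url, (vuln, fixed) in leak_report().items():
        print(f"{url:50} vulnerable={vuln!s:5} hardened={fixed}")
```

Note that the hardened check deliberately compares the parsed hostname for equality rather than testing whether the string contains or ends with `github.com`; the userinfo and suffix cases in the sample list are exactly the inputs that a substring check would wave through. For a self-hosted GitHub Enterprise server the allow-list would hold that server's host instead of the public ones.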

## Impact
The primary risk is disclosure of the user's GitHub token, which lets an attacker act as that user on GitHub: read private repositories, push or modify code, and reach any other data the token's scopes permit. Exploitation requires the victim to open a malicious PR in the IDE. Update to a patched IDE version promptly and revoke any token that may have been exposed.

## Mitigation
- **Update IDE and GitHub Plugin**: Make sure you are running a version that includes the host-validation fix.
- **Revoke and Regenerate Tokens**: Assume any token used in an affected version while viewing untrusted PRs may have been exposed; revoke it and issue a new one.

For more details, visit the [original analysis](https://leadroyal.cn/p/2403/).
File Snapshot

[4.0K] /data/pocs/8631b4591b3725f9b7b038facc91ceb843a38de4
├── [ 16K] CVE-2024-37051.docx
└── [1.0K] README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the PoC code for you. To support long-term maintenance, please consider donating. Thank you for your support.