CVE-2024-38506
CVSS 3.1 Score 8.1 of 10 (high)
Details
Published Jun 18, 2024
Updated: Jun 20, 2024
CWE ID 862
Summary
CVE-2024-38506 is a vulnerability affecting JetBrains YouTrack versions prior to 2024.2.34646. This issue allows users without the necessary permissions to enable the auto-attach option for workflows, potentially leading to unintended changes or unauthorized access to attached files. This could result in security risks and disruptions to standard workflow processes. Organizations using YouTrack are advised to upgrade to the latest version to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- JetBrains YouTrack
Affected Vendors
- JetBrains