CVE-2023-51655

MEDIUM

JetBrains IntelliJ IDEA <2023.3.2 - RCE

Title source: llm

Description

In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via a malicious plugin repository specified in the project configuration

References (1)

[Vendor Advisory] https://www.jetbrains.com/privacy-security/issues-fixed/

Scores

CVSS v3 6.3

EPSS 0.0000

EPSS Percentile 0.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Details

CWE

CWE-349 CWE-345

Status published

Products (1)

jetbrains/intellij_idea < 2023.3.2

Published Dec 21, 2023

Tracked Since Feb 18, 2026