Question 1

What is CVE-2020-24618?

Accepted Answer

CVE-2020-24618 is a medium-severity software vulnerability with a CVSS score of 6.5. In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access.

Question 2

Is CVE-2020-24618 being actively exploited?

Accepted Answer

It is not currently in CISA's KEV catalog. Its EPSS exploitation probability is 2%.

Question 3

What products does CVE-2020-24618 affect?

Accepted Answer

Tracked products affected include YouTrack. Check the version you run to see whether it is affected.

Question 4

How do I fix CVE-2020-24618?

Accepted Answer

Apply the vendor fix in your normal patch cycle. Upgrade affected products to a fixed version.

CVE-2020-24618

Summary

Impact & exploitability

Affected products we track (1)

Recommendation

Additional information