Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
JFrog Artifactory prior to 7.31.10, is vulnerable to Broken Access Control where a Project Admin is able to create, edit and delete Repository Layouts while Repository Layouts configuration should only be available for Platform Administrators.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L
Vulnerability Type
访问控制不恰当
Vulnerability Title
JFrog Artifactory 安全漏洞
Vulnerability Description
Jfrog JFrog Artifactory是以色列Jfrog公司的一款开源的通用Artifact存储库管理器,它支持集群和高可用性Docker注册表,并提供端到端的用于跟踪从开发到生产的工件自动化解决方案。 JFrog Artifactory 7.31.10 之前版本存在安全漏洞,该漏洞源于访问控制错误,允许项目管理员创建、编辑和删除存储库布局,而存储库布局配置应该仅适用于平台管理员。
CVSS Information
N/A
Vulnerability Type
N/A