Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
JFrog Artifactory before 7.31.10, is vulnerable to Broken Access Control where a project admin user is able to list all available repository names due to insufficient permission validation.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
JFrog Artifactory 安全漏洞
Vulnerability Description
Jfrog JFrog Artifactory是以色列JFrog(Jfrog)公司的一款开源的通用Artifact存储库管理器,它支持集群和高可用性Docker注册表,并提供端到端的用于跟踪从开发到生产的工件自动化解决方案。 JFrog Artifactory 存在安全漏洞,该漏洞源于在7.31.10之前的JFrog Artifactory中,由于权限验证不足,项目管理员用户能够列出所有可用的存储库名称,因此容易受到访问控制中断的影响。
CVSS Information
N/A
Vulnerability Type
N/A