漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Apache Archiva: disabling user registration is not effective
Vulnerability Description
** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Archiva. Apache Archiva has a setting to disable user registration, however this restriction can be bypassed. As Apache Archiva has been retired, we do not expect to release a version of Apache Archiva that fixes this issue. You are recommended to look into migrating to a different solution, or isolate your instance from any untrusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
CVSS Information
N/A
Vulnerability Type
授权机制不正确
Vulnerability Title
Apache Archiva 安全漏洞
Vulnerability Description
Apache Archiva是美国阿帕奇(Apache)基金会的一套用于管理一个或多个远程存储的软件。该软件提供远程Repository代理、基于角色的安全访问管理和使用情况报告等功能。 Apache Archiva 存在安全漏洞,该漏洞源于有一个禁用用户注册的设置可以被绕过。
CVSS Information
N/A
Vulnerability Type
N/A