CVE-2021-46687

🗓️ 06 Jul 2022 09:35:11Reported by JFROGType

JFrog Artifactory prior to version 7.31.10 and 6.23.38 is vulnerable to Sensitive Data Exposure through the Project Administrator REST API

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2021-46687	6 Jul 202214:14	–	circl
CNNVD	JFrog Artifactory 安全漏洞	6 Jul 202200:00	–	cnnvd
Cvelist	CVE-2021-46687	6 Jul 202209:35	–	cvelist
EUVD	EUVD-2021-33358	3 Oct 202520:07	–	euvd
NVD	CVE-2021-46687	6 Jul 202210:15	–	nvd
OSV	BIT-ARTIFACTORY-2021-46687	6 Mar 202410:51	–	osv
OSV	CVE-2021-46687	6 Jul 202210:15	–	osv
Prion	Design/Logic Flaw	6 Jul 202210:15	–	prion
Positive Technologies	PT-2022-12902 · Jfrog · Jfrog Artifactory	6 Jul 202200:00	–	ptsecurity

NVD

Node

jfrog artifactoryRange6.0.0–6.23.38-

jfrog artifactoryRange7.0.0–7.31.10-

[
  {
    "product": "JFrog Artifactory",
    "vendor": "JFrog",
    "versions": [
      {
        "lessThan": "7.x",
        "status": "affected",
        "version": "JFrog Artifactory versions before 7.31.10",
        "versionType": "custom"
      },
      {
        "lessThan": "6.x",
        "status": "affected",
        "version": "JFrog Artifactory versions before 6.23.38",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
jfrog	www.jfrog.com/confluence/display/JFROG/JFrog+Security+Advisories
jfrog	www.jfrog.com/confluence/display/JFROG/CVE-2021-46687%3A+Sensitive+data+exposure+on+proxy+endpoint+for+Project+Admin

21 Nov 2024 06:34Current

5Medium risk

Vulners AI Score5

CVSS 3.14.9

CVSS 26.8

EPSS0.0025