JFrog Artifactory prior to version 7.28.0 and 6.23.38, is vulnerable to Broken Access Control, the copy functionality can be used by a low-privileged user to read and copy any artifact that exists in the Artifactory deployment due to improper permissions validation.
CPE | Name | Operator | Version |
---|---|---|---|
artifactory | ge | 7.0.0 | |
artifactory | lt | 7.28.0 | |
artifactory | lt | 6.23.38 |