JFrog Artifactory before 7.29.3 and 6.23.38, is vulnerable to Broken Access Control, a low-privileged user is able to delete other known users OAuth token, which will force a reauthentication on an active session or in the next UI session.
CPE | Name | Operator | Version |
---|---|---|---|
artifactory | ge | 6.0.0 | |
artifactory | lt | 6.23.38 | |
artifactory | ge | 7.0.0 | |
artifactory | lt | 7.29.3 |