4 matches found
CVE-2018-19971
JFrog Artifactory Pro 6.5.9 has Incorrect Access Control...
CVE-2018-19971
JFrog Artifactory Pro 6.5.9 has Incorrect Access Control...
CVE-2018-19971
The CVE-2018-19971 entry applies to JFrog Artifactory Pro SAML SSO addon. Patreon details from PacketStorm show Artifactory Pro 6.5.9 is vulnerable due to improper validation of the XML signature in the SAMLResponse sent to /webapp/saml/loginRespo (SAML SSO integration). This allows an attacker t...
JFrog Artifactory Pro 6.5.9 Signature Validation
CVE-2018-19971: JFrog Artifactory Pro SAML SSO signature validation error ------------------------------------------------------------------------- Affected products ================= The SAML SSO addon in Artifactory 6.5.9 is vulnerable. The SAML SSO addon in Artifactory 6.5.13 is NOT vulnerable...