JFrog Artifactory prior to 7.37.13 is vulnerable to Authentication Bypass, which can lead to Privilege Escalation when a specially crafted request is sent by an unauthenticated user.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Artifactory | Jfrog | 6.0.0 (including) | 6.23.41 (excluding) |
Artifactory | Jfrog | 7.0.0 (including) | 7.37.13 (excluding) |