
CVSS: 4.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

A cross-site request forgery vulnerability in Jenkins Artifactory Plugin 3.2.2 and earlier in ArtifactoryBuilder.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
References:
http://www.openwall.com/lists/oss-security/2019/05/31/2
http://www.securityfocus.com/bid/108540
https://jenkins.io/security/advisory/2019-05-31/#SECURITY-1015%20%281%29
https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0787
Weakness: CWE-352: Cross-Site Request Forgery (CSRF)

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

An insufficiently protected credentials vulnerability exists in Jenkins Artifactory Plugin 2.16.1 and earlier in ArtifactoryBuilder.java and CredentialsConfig.java that allows attackers with local file system access to obtain old credentials configured for the plugin before it integrated with Credentials Plugin.
References:
http://www.securityfocus.com/bid/106532
https://jenkins.io/security/advisory/2018-09-25/#SECURITY-265
Weakness: CWE-522: Insufficiently Protected Credentials

CVSS: 9.8 • EPSS: 11% • CPEs: 1 • EXPL: 2

Unrestricted file upload vulnerability in ui/artifact/upload in JFrog Artifactory before 4.16 allows remote attackers to (1) deploy an arbitrary servlet application and execute arbitrary code by uploading a war file or (2) possibly write to arbitrary files and cause a denial of service by uploading an HTML file. JFrog Artifactory versions prior to 4.16 suffer from unauthenticated arbitrary file upload and remote command execution vulnerabilities.
References:
https://www.exploit-db.com/exploits/44543
http://packetstormsecurity.com/files/147378/Jfrog-Artifactory-Code-Execution-Shell-Upload.html
https://www.jfrog.com/confluence/display/RTF/Release+Notes#ReleaseNotes-Artifactory4.16
Weakness: CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 9.8 • EPSS: 2% • CPEs: 1 • EXPL: 0

JFrog Artifactory before 4.11 allows remote attackers to execute arbitrary code via an LDAP attribute containing a crafted serialized Java object, aka LDAP entry poisoning.
References:
http://www.securityfocus.com/bid/94855
https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE-wp.pdf
https://www.jfrog.com/confluence/display/RTF/Release+Notes#ReleaseNotes-MainUpdates.7
Weakness: CWE-20: Improper Input Validation