CVSS: 8.8EPSS: 1%CPEs: 12EXPL: 2CVE-2020-7931
https://notcve.org/view.php?id=CVE-2020-7931
In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template processing leads to remote code execution, e.g., by modifying a .ssh/authorized_keys file. Patches are available for various versions between 5.11.8 and 6.16.0. The issue exists because use of the DefaultObjectWrapper class makes certain Java functions accessible to a template. En JFrog Artifactory versiones 5.x y 6.x, el procesamiento no seguro de la plantilla FreeMarker conlleva a una ejecución de código remota, por ejemplo, mediante la modificación de un archivo .ssh/authorized_keys. Los parches están disponibles para varias versiones entre 5.11.8 y 6.16.0. • https://github.com/gquere/CVE-2020-7931 https://github.com/atredispartners/advisories/blob/master/ATREDIS-2019-0006.md https://www.jfrog.com/confluence/display/RTF/Release+Notes •
CVSS: 9.8EPSS: 61%CPEs: 1EXPL: 2CVE-2019-9733 – JFrog Artifactory Administrator Authentication Bypass
https://notcve.org/view.php?id=CVE-2019-9733
An issue was discovered in JFrog Artifactory 6.7.3. By default, the access-admin account is used to reset the password of the admin account in case an administrator gets locked out from the Artifactory console. This is only allowable from a connection directly from localhost, but providing a X-Forwarded-For HTTP header to the request allows an unauthenticated user to login with the default credentials of the access-admin account while bypassing the whitelist of allowed IP addresses. The access-admin account can use Artifactory's API to request authentication tokens for all users including the admin account and, in turn, assume full control of all artifacts and repositories managed by Artifactory. Existe un problema en JFrog Artifactory versión 6.7.3. • http://packetstormsecurity.com/files/152172/JFrog-Artifactory-Administrator-Authentication-Bypass.html https://www.ciphertechs.com/jfrog-artifactory-advisory https://www.jfrog.com/confluence/display/RTF/Release+Notes#ReleaseNotes-Artifactory6.8.6 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 3CVE-2018-19971 – JFrog Artifactory Pro 6.5.9 Signature Validation
https://notcve.org/view.php?id=CVE-2018-19971
JFrog Artifactory Pro 6.5.9 has Incorrect Access Control. JFrog Artifactory Pro 6.5.9 tiene un control de acceso incorrecto. The SAML SSO addon in JFrog Artifactory version 6.5.9 does not properly validate the XML signature in the SAMLResponse field send to the URL /webapp/saml/loginResponse. An attacker can use this flaw to login as any user if they already can login as some user. • http://packetstormsecurity.com/files/152137/JFrog-Artifactory-Pro-6.5.9-Signature-Validation.html http://seclists.org/fulldisclosure/2019/Mar/34 http://www.securityfocus.com/bid/107518 https://bintray.com/jfrog/artifactory-pro/jfrog-artifactory-pro-zip/6.5.13#release https://lists.openwall.net/full-disclosure/2019/03/19/3 • CWE-345: Insufficient Verification of Data Authenticity •