CVE-2024-3505 – JFrog Self-Hosted Artifactory Proxy configuration accessible to low-privilege users

https://notcve.org/view.php?id=CVE-2024-3505

JFrog Artifactory Self-Hosted versions below 7.77.3, are vulnerable to sensitive information disclosure whereby a low-privileged authenticated user can read the proxy configuration. This does not affect JFrog cloud deployments. Las versiones autohospedadas de JFrog Artifactory inferiores a 7.77.3 son vulnerables a la divulgación de información confidencial mediante la cual un usuario autenticado con pocos privilegios puede leer la configuración del proxy. Esto no afecta las implementaciones en la nube de JFrog. • https://jfrog.com/help/r/jfrog-release-information/jfrog-security-advisories • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •