CVE-2021-23163

Summary

JFrog Artifactory prior to version 7.33.6 and 6.23.38, is vulnerable to CSRF ( Cross-Site Request Forgery) for specific endpoints. This issue affects: JFrog JFrog Artifactory JFrog Artifactory versions before 7.33.6 versions prior to 7.x; JFrog Artifactory versions before 6.23.38 versions prior to 6.x.

Affected Software

VendorProductVersion RangeStatus
JFrogJFrog ArtifactoryJFrog Artifactory versions before 7.33.6 < 7.xaffected
JFrogJFrog ArtifactoryJFrog Artifactory versions before 6.23.38 < 6.xaffected

Weaknesses

  • CWE-352: CWE-352 Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

References