CVE-2021-46687

Summary

JFrog Artifactory prior to version 7.31.10 and 6.23.38 is vulnerable to Sensitive Data Exposure through the Project Administrator REST API. This issue affects: JFrog JFrog Artifactory JFrog Artifactory versions before 7.31.10 versions prior to 7.x; JFrog Artifactory versions before 6.23.38 versions prior to 6.x.

Affected Software

VendorProductVersion RangeStatus
JFrogJFrog ArtifactoryJFrog Artifactory versions before 7.31.10 < 7.xaffected
JFrogJFrog ArtifactoryJFrog Artifactory versions before 6.23.38 < 6.xaffected

Weaknesses

  • CWE-359: CWE-359 Exposure of Private Information ('Privacy Violation')

ADP Enrichment

CVE Program Container

Additional References

References