Vulnerability in Jfrog Artifactory
CVE-2021-45730
JFrog Artifactory prior to 7.31.10, is vulnerable to Broken Access Control where a Project Admin is able to create, edit and delete Repository Layouts while Repository Layouts configuration should only be available for Platform Administrat…
EPSS: 0.002 (37.1th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.0 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L.
Affected products
- Jfrog Artifactory — versions 7.x
Weakness classification (CWE)
References
- www.jfrog.com/confluence/display/JFROG/CVE-2021-45730:+Artifactory+Broken+Acces… (x_refsource_CONFIRM)
Frequently asked questions
- What is CVE-2021-45730?
- CVE-2021-45730 is a medium-severity vulnerability in Jfrog Artifactory, classified under Improper Access Control. CVSS score: 6.0/10. Published 2022-05-19.
- How severe is CVE-2021-45730?
- Medium severity. CVSS v3 base score is 6.0 out of 10.