Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Artifactory Incorrect Authorization Vulnerability - CVE-2021-45074 - Vulnerability Database
Artifactory

Artifactory Incorrect Authorization Vulnerability - CVE-2021-45074

Medium
Reference: CVE-2021-45074
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-45074
Title: Artifactory Incorrect Authorization Vulnerability
Overview:

JFrog Artifactory before 7.29.3 and 6.23.38 is vulnerable to Broken Access Control a low-privileged user is able to delete other known users OAuth token which will force a reauthentication on an active session or in the next UI session.