Artifactory Incorrect Permission Assignment for Critical Resource Vulnerability - CVE-2021-41834
Reference:
CVE-2021-41834
Title:
Artifactory Incorrect Permission Assignment for Critical Resource Vulnerability
Overview:
JFrog Artifactory prior to version 7.28.0 and 6.23.38 is vulnerable to Broken Access Control the copy functionality can be used by a low-privileged user to read and copy any artifact that exists in the Artifactory deployment due to improper permissions validation.