CVE-2021-46270

JFrog Artifactory before 7.31.10, is vulnerable to Broken Access Control where a project admin user is able to list all available repository names due to insufficient permission validation.

Link	Resource
https://www.jfrog.com/confluence/display/JFROG/JFrog+Security+Advisories	Vendor Advisory
https://www.jfrog.com/confluence/display/JFROG/CVE-2021-46270%3A+Artifactory+Project+Admin+Repository+Name+Disclosure	Vendor Advisory

Configuration 1

cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*

---

Published : 2022-03-02 10:15

Updated : 2022-03-09 05:46

---

NVD link : CVE-2021-46270

Mitre link : CVE-2021-46270

No products.

CWE-276

Incorrect Default Permissions