First published: Thu Jan 23 2020 (Updated: )
In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template processing leads to remote code execution, e.g., by modifying a .ssh/authorized_keys file. Patches are available for various versions between 5.11.8 and 6.16.0. The issue exists because use of the DefaultObjectWrapper class makes certain Java functions accessible to a template.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| JFrog Artifactory | <5.11.8 | Upgrade to 5.11.8 or later |
| JFrog Artifactory | >=6.0.0, <6.1.6 | Upgrade to 6.1.6 or later |
| JFrog Artifactory | >=6.2.0, <6.3.9 | Upgrade to 6.3.9 or later |
| JFrog Artifactory | >=6.4.0, <6.7.8 | Upgrade to 6.7.8 or later |
| JFrog Artifactory | >=6.8.0, <6.8.17 | Upgrade to 6.8.17 or later |
| JFrog Artifactory | >=6.9.0, <6.9.6 | Upgrade to 6.9.6 or later |
| JFrog Artifactory | >=6.10.0, <6.10.9 | Upgrade to 6.10.9 or later |
| JFrog Artifactory | >=6.11.0, <6.11.7 | Upgrade to 6.11.7 or later |
| JFrog Artifactory | >=6.12.0, <6.12.3 | Upgrade to 6.12.3 or later |
| JFrog Artifactory | >=6.13.0, <6.13.2 | Upgrade to 6.13.2 or later |
| JFrog Artifactory | >=6.14.0, <6.14.2 | Upgrade to 6.14.2 or later |
| JFrog Artifactory | >=6.15.0, <6.15.1 | Upgrade to 6.15.1 or later |
CVE-2020-7931 is a vulnerability in JFrog Artifactory 5.x and 6.x that allows for remote code execution through insecure FreeMarker template processing.
CVE-2020-7931 has a severity rating of 8.8, which is considered high.
JFrog Artifactory 5.x and 6.x are affected by CVE-2020-7931; patched releases are available for the release lines between 5.11.8 and 6.16.0 (see the table above).
To fix CVE-2020-7931, upgrade to the patched JFrog Artifactory release for your release line, as listed in the table above (patches are available between 5.11.8 and 6.16.0).
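The root cause stated in the description is that a FreeMarker `DefaultObjectWrapper` with its default settings exposes Java methods to template text. For Artifactory itself the remedy is the vendor patch; for anyone embedding FreeMarker in their own code, the following Java snippet is an added illustration (not code from this page, from JFrog or from the Atredis advisory) of the configuration that closes this class of issue: the object wrapper is limited to JavaBean properties, public fields are not exposed, the `?new` built-in is disabled through `ALLOWS_NOTHING_RESOLVER`, and `?api` stays off. The class name `HardenedFreeMarker`, the sample data model and the two inline templates are assumptions made for the demonstration; the FreeMarker API calls are the real ones from FreeMarker 2.3.29.

```java
import freemarker.core.TemplateClassResolver;
import freemarker.ext.beans.BeansWrapper;
import freemarker.template.Configuration;
import freemarker.template.DefaultObjectWrapperBuilder;
import freemarker.template.Template;
import freemarker.template.TemplateException;

import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
import java.util.HashMap;
import java.util.Map;

// Hypothetical class written for this example; requires freemarker 2.3.29 on the classpath.
public class HardenedFreeMarker {

    // Builds a Configuration whose object wrapper does not expose arbitrary
    // Java methods and whose ?new / ?api built-ins are switched off.
    static Configuration hardenedConfiguration() {
        Configuration cfg = new Configuration(Configuration.VERSION_2_3_29);

        DefaultObjectWrapperBuilder wb =
                new DefaultObjectWrapperBuilder(Configuration.VERSION_2_3_29);
        // Only JavaBean getters are reachable from templates; no other methods.
        wb.setExposureLevel(BeansWrapper.EXPOSE_PROPERTIES_ONLY);
        // Public fields of model objects are not reachable either.
        wb.setExposeFields(false);
        cfg.setObjectWrapper(wb.build());

        // ?new cannot instantiate any class at all, regardless of the class name.
        cfg.setNewBuiltinClassResolver(TemplateClassResolver.ALLOWS_NOTHING_RESOLVER);
        // ?api is off by default; stating it explicitly documents the intent.
        cfg.setAPIBuiltinEnabled(false);
        return cfg;
    }

    // Renders an inline template against a data model with the given configuration.
    static String render(Configuration cfg, String source, Map<String, Object> model)
            throws IOException, TemplateException {
        Template template = new Template("inline", new StringReader(source), cfg);
        StringWriter out = new StringWriter();
        template.process(model, out);
        return out.toString();
    }

    public static void main(String[] args) throws Exception {
        Configuration cfg = hardenedConfiguration();

        // Constructed sample data model for the demonstration.
        Map<String, Object> model = new HashMap<>();
        model.put("user", "alice");

        // Ordinary data access keeps working under the hardened configuration.
        System.out.println(render(cfg, "Hello ${user}", model)); // Hello alice

        // With ALLOWS_NOTHING_RESOLVER even a harmless class such as
        // java.lang.Object cannot be instantiated from template text;
        // FreeMarker rejects the ?new call with a TemplateException.
        try {
            render(cfg, "${\"java.lang.Object\"?new()}", model);
            System.out.println("unexpected: ?new was allowed");
        } catch (TemplateException e) {
            System.out.println("blocked as expected: " + e.getMessage());
        }
    }
}
```

The check worth keeping in a test suite is the second render call: if a configuration change ever re-enables `?new`, the call stops throwing and the test fails. `EXPOSE_PROPERTIES_ONLY` is the setting that removes the "certain Java functions accessible to a template" described above; `EXPOSE_SAFE`, the default for `DefaultObjectWrapper`, still exposes most public methods of any object placed in the data model.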
You can find more information about CVE-2020-7931 at the following references: [Reference 1](https://github.com/atredispartners/advisories/blob/master/ATREDIS-2019-0006.md), [Reference 2](https://www.jfrog.com/confluence/display/RTF/Release+Notes).