CVE-2021-45730
First published: Thu May 19 2022(Updated: )
JFrog Artifactory prior to 7.31.10, is vulnerable to Broken Access Control where a Project Admin is able to create, edit and delete Repository Layouts while Repository Layouts configuration should only be available for Platform Administrators.
Credit: reefs@jfrog.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jfrog Artifactory | >=7.0.0<7.31.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this JFrog Artifactory vulnerability?
The vulnerability ID for this JFrog Artifactory vulnerability is CVE-2021-45730.
What is the severity of CVE-2021-45730?
The severity of CVE-2021-45730 is medium with a severity value of 4.9.
What is the description of CVE-2021-45730?
CVE-2021-45730 is a vulnerability in JFrog Artifactory prior to 7.31.10 that allows a Project Admin to create, edit, and delete Repository Layouts, which should only be available for Platform Administrators.
How does CVE-2021-45730 affect JFrog Artifactory?
CVE-2021-45730 affects JFrog Artifactory versions prior to 7.31.10.
Is there a fix for CVE-2021-45730?
Yes, the fix for CVE-2021-45730 is to update JFrog Artifactory to version 7.31.10 or newer.
- collector/nvd-index
- agent/weakness
- agent/type
- vendor/jfrog
- canonical/jfrog artifactory
- version/jfrog artifactory/7.0.0