CVE-2021-45730

MEDIUM

JFrog Artifactory <7.31.10 - Privilege Escalation

Title source: llm
STIX 2.1

Description

JFrog Artifactory prior to 7.31.10, is vulnerable to Broken Access Control where a Project Admin is able to create, edit and delete Repository Layouts while Repository Layouts configuration should only be available for Platform Administrators.

Scores

CVSS v3 6.0
EPSS 0.0050
EPSS Percentile 38.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L

Details

CWE
CWE-284
Status published
Products (1)
jfrog/artifactory 7.0.0 - 7.31.10
Published May 19, 2022
Tracked Since Feb 18, 2026