CVE-2024-6915

EUVD-2024-47902
JFrog Artifactory versions below 7.90.6, 7.84.20, 7.77.14, 7.71.23, 7.68.22, 7.63.22, 7.59.23, 7.55.18 are vulnerable to Improper Input Validation that could potentially lead to cache poisoning.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 23%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
jfrogartifactory
𝑥
≤ 7.90.6
ADP
jfrogartifactory
𝑥
< 7.84.20
ADP
jfrogartifactory
𝑥
< 7.77.14
ADP
jfrogartifactory
𝑥
< 7.71.23
ADP
jfrogartifactory
𝑥
< 7.68.22
ADP
jfrogartifactory
𝑥
< 7.63.22
ADP
jfrogartifactory
𝑥
< 7.59.23
ADP
jfrogartifactory
𝑥
< 7.55.18
ADP
Common Weakness Enumeration
References
https://jfrog.com/help/r/jfrog-release-information/jfrog-security-advisories