CVE-2020-7931

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-7931

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-7931.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-7931

Aliases

BIT-artifactory-2020-7931

Withdrawn

2024-05-08T06:50:50.002898Z

Published

2020-01-23T15:15:14Z

Modified

2023-12-06T00:45:37.941895Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template processing leads to remote code execution, e.g., by modifying a .ssh/authorized_keys file. Patches are available for various versions between 5.11.8 and 6.16.0. The issue exists because use of the DefaultObjectWrapper class makes certain Java functions accessible to a template.

References

Affected packages

Git / github.com/jfrog/artifactory-docker-examples

Affected ranges

Type: GIT
Repo: https://github.com/jfrog/artifactory-docker-examples
Events: Introduced

39028f7c59efa49c1b5b95f485a71c8dbc5515ec

Introduced

5de58b936906a4dde8b17938ffa774a9bda61a40

Introduced

20fecc1651a5af00971b880d7c1bd18884211fc9

Introduced

198433288634e2fea25878ad0c80caa5aa65ba23

Introduced

d9612baf85e722ef7e0fbf778719bca6b08e6045

Introduced

6b015f7f004f3fbd7a294c8ac0ced3b79e2fd9cc

Introduced

b12d47bfe99a34f47ed048f02a93edaf18463987

Introduced

718b9816b8427560fc9d4722527330cc1ad4a67b

Introduced

3f35e99fea7e330a97f81e1117610af2016d1b87

Introduced

62ac154ead5fc1be889c9c8a5018a7b7ce197322

Affected versions

6.*

6.15.0

6.16.0

6.17.0

6.18.0

6.18.1

6.19.0

6.19.1

6.2.0

6.20.0

6.20.1

6.21.0

6.22.0

6.23.0

6.23.1

6.23.13

6.23.3

6.23.7

6.3.0

6.3.2