CVE-2020-7931
Published Jan 23, 2020
Last updated 5 years ago
Overview
- Description
- In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template processing leads to remote code execution, e.g., by modifying a .ssh/authorized_keys file. Patches are available for various versions between 5.11.8 and 6.16.0. The issue exists because use of the DefaultObjectWrapper class makes certain Java functions accessible to a template.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*",
"vulnerable": true,
"matchCriteriaId": "9BA72B2E-9598-48F8-8A3B-474E1BA99ABF",
"versionEndExcluding": "5.11.8"
},
{
"criteria": "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*",
"vulnerable": true,
"matchCriteriaId": "057CC0A7-F00C-4496-9045-087BC0BEC677",
"versionEndExcluding": "6.1.6",
"versionStartIncluding": "6.0.0"
},
{
"criteria": "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*",
"vulnerable": true,
"matchCriteriaId": "C9DB0D31-C736-4B3F-BB20-ADCD539A3225",
"versionEndExcluding": "6.3.9",
"versionStartIncluding": "6.2.0"
},
{
"criteria": "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*",
"vulnerable": true,
"matchCriteriaId": "FAF873A6-325C-4589-9FC7-0B414A92E137",
"versionEndExcluding": "6.7.8",
"versionStartIncluding": "6.4.0"
},
{
"criteria": "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "281702B6-691C-4D60-B1C4-AF9083CF31C6",
"versionEndExcluding": "6.8.17",
"versionStartIncluding": "6.8.0"
},
{
"criteria": "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4EA2DB59-6626-44F2-8667-8408D8333C19",
"versionEndExcluding": "6.9.6",
"versionStartIncluding": "6.9.0"
},
{
"criteria": "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F92A1591-1834-46DB-BA84-3F165AC996F0",
"versionEndExcluding": "6.10.9",
"versionStartIncluding": "6.10.0"
},
{
"criteria": "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B501F387-063F-4350-AAAC-BE16F53A0080",
"versionEndExcluding": "6.11.7",
"versionStartIncluding": "6.11.0"
},
{
"criteria": "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E87EEA9-4171-4FE3-A9F1-5596F4DE9C6B",
"versionEndExcluding": "6.12.3",
"versionStartIncluding": "6.12.0"
},
{
"criteria": "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B1769D3-B13D-47CA-9148-C3A27FEA3E2B",
"versionEndExcluding": "6.13.2",
"versionStartIncluding": "6.13.0"
},
{
"criteria": "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A24DFA3D-56F5-4391-B138-D45305847E69",
"versionEndExcluding": "6.14.2",
"versionStartIncluding": "6.14.0"
},
{
"criteria": "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B691C7BD-EBF9-4D8A-946C-21E27EA63194",
"versionEndExcluding": "6.15.1",
"versionStartIncluding": "6.15.0"
}
],
"operator": "OR"
}
]
}
]