Description

In JFrog Artifactory before 6.18, it is not possible to restrict either system or repository imports by any admin user in the enterprise, which can lead to "undesirable results."

Remediation

References

CVE-2019-19937

Related Vulnerabilities

MongoDb Resource Management Errors Vulnerability (CVE-2013-3969)

Envoy Proxy Missing Authentication for Critical Function Vulnerability (CVE-2022-29226)

Magento Cryptographic Issues Vulnerability (CVE-2019-7855)

WordPress 5.7.x Multiple Vulnerabilities (5.7 - 5.7.9)

WordPress Plugin Instagram Plugin-InstaLinker Cross-Site Scripting (1.1.1)

Severity

High

Classification

CVE-2019-19937 CWE-20 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities