Summary
Artifactory is prone to a remote code-execution vulnerability.
Impact
Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the user running the affected application.
Solution
Update to Artifactory 3.1.1.1
Insight
Artifactory prior to version 3.1.1.1 using a XStream library which is prone to a remote code execution vulnerability.
Affected
Artifactory < 3.1.1.1
Detection
Check the installed version.
References
Severity
Classification
-
CVE CVE-2013-7285 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities