Description

In JFrog Artifactory before 6.18, it is not possible to restrict either system or repository imports by any admin user in the enterprise, which can lead to "undesirable results."

Remediation

References

CVE-2019-19937

Related Vulnerabilities

Oracle JRE CVE-2014-2428 Vulnerability (CVE-2014-2428)

WordPress Plugin MasterStudy LMS-for Online Courses and Education Local File Inclusion (3.3.0)

WordPress Plugin Participants Database Multiple Vulnerabilities (1.7.5.3)

Apache HTTP Server Use After Free Vulnerability (CVE-2017-9798)

WordPress Plugin Contest Gallery-Photo Contest for WordPress Cross-Site Scripting (13.1.0.9)

Severity

High

Classification

CVE-2019-19937 CWE-20 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities