Unrated severityNVD Advisory· Published Mar 7, 2024· Updated Aug 2, 2024

JFrog Artifactory Improper SSO Mechanism may lead to Exposure of Access Tokens

CVE-2023-42662

Description

JFrog Artifactory versions 7.59 and above, but below 7.59.18, 7.63.18, 7.68.19, 7.71.8 are vulnerable to an issue whereby user interaction with specially crafted URLs could lead to exposure of user access tokens due to improper handling of the CLI / IDE browser based SSO integration.

Affected products

osv-coords
pkg:bitnami/artifactory
Range: >= 7.59.0, < 7.59.18
JFrog/Artifactoryv5
Range: 7.59

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jfrog.com/help/r/jfrog-release-information/jfrog-security-advisoriesmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000