CVE-2024-27138: Apache Archiva: disabling user registration is not effective

CVE-2024-27138: Apache Archiva: disabling user registration is not effective

Open Source Security [[{„value“:“

Posted by Arnout Engelen on Mar 01

Severity: moderate

Affected versions:

– Apache Archiva 2.0.0 or later

Description:

** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Archiva.

Apache Archiva has a setting to disable user registration, however this restriction can be bypassed. As Apache Archiva
has been retired, we do not expect to release a version of Apache Archiva that fixes this issue. You are recommended to
look into migrating to a…
„}]] Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert