CVE-2024-27139: Apache Archiva: incorrect authentication potentially leading to account takeover

CVE-2024-27139: Apache Archiva: incorrect authentication potentially leading to account takeover

Open Source Security [[{„value“:“

Posted by Arnout Engelen on Mar 01

Severity: important

Affected versions:

– Apache Archiva 2.0.0 or later

Description:

** UNSUPPORTED WHEN ASSIGNED **

Incorrect Authorization vulnerability in Apache Archiva: a vulnerability in Apache Archiva allows an unauthenticated
attacker to modify account data, potentially leading to account takeover.

This issue affects Apache Archiva: from 2.0.0.

As this project is retired, we do not plan to release a version that fixes this issue….
„}]] Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert