CVE-2016-6501

Name of the Vulnerable Software and Affected Versions JFrog Artifactory versions prior to 4.11

Description The issue allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object. This is also known as LDAP entry poisoning.

Recommendations For versions prior to 4.11, update to version 4.11 or later to resolve the issue. As a temporary workaround, consider restricting access to LDAP attributes to minimize the risk of exploitation.