Detected exposure of build information in JFrog Artifactory via unauthenticated API endpoints. Access to these endpoints may disclose sensitive data such as build names, numbers, CI/CD pipeline details, artifact paths, and internal infrastructure information.
PoC code [publicly available]
id: jfrog-artifactory-build-exposure

info:
  name: JFrog Artifactory Build - Exposure
  author: theamanrawat
  severity: medium
  description: |
    Detected exposure of build information in JFrog Artifactory via unauthenticated API endpoints. Access to these endpoints may disclose sensitive data such as build names, numbers, CI/CD pipeline details, artifact paths, and internal infrastructure information.
  reference:
    - https://jfrog.com/help/r/jfrog-rest-apis/builds
    - https://jfrog.com/artifactory/
  metadata:
    verified: true
    max-request: 1
    shodan-query: 'http.title:"Artifactory"'
    fofa-query: 'title="Artifactory"'
  tags: jfrog,artifactory,exposure,misconfig,cicd

http:
  - method: GET
    path:
      - "{{BaseURL}}/artifactory/api/build"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"builds"'
          - '"uri"'
          - '"lastStarted"'
        condition: and

      - type: word
        part: content_type
        words:
          - "application/json"
          - "application/vnd.org.jfrog"
        condition: or

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100c41177edbebecffe44bf868a8c6d28eac1a6535ad658d4fa0f6ddf234c269ed3022100b5bf7a02a3f21e1eae7a101610884fe6b0337c5feadbc79ca50d4eb04cc1e3b2:922c64590222798bb761d5b6d8e72950
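The template above fires only when all three matchers agree (`matchers-condition: and`): every body word must be present (`condition: and`), either content type substring suffices (`condition: or`), and the status must be 200. The following added example, which is not code from the nuclei project or from JFrog, re-implements that matcher logic in plain Python and runs it against constructed responses: one representing an anonymous build listing, one a 401 error body, and one an HTML page that merely contains the keywords. The `HttpResponse` helper type and the sample bodies are assumptions made for the example; the matcher values are copied from the template.

```python
"""Matcher logic of the jfrog-artifactory-build-exposure template, re-implemented
in plain Python so the three matchers can be exercised offline against canned
responses. Added example; not code from the nuclei project or from JFrog."""
from dataclasses import dataclass
import json


@dataclass
class HttpResponse:
    """Minimal stand-in for an HTTP response (hypothetical helper type)."""
    status: int
    headers: dict
    body: str

    def content_type(self) -> str:
        # Header names are case-insensitive; normalise before lookup.
        for name, value in self.headers.items():
            if name.lower() == "content-type":
                return value
        return ""


# Values taken from the template.
BODY_WORDS = ['"builds"', '"uri"', '"lastStarted"']                 # condition: and
CONTENT_TYPES = ["application/json", "application/vnd.org.jfrog"]  # condition: or
EXPECTED_STATUS = 200


def body_matches(resp: HttpResponse) -> bool:
    """word matcher, part: body, condition: and -> every word must appear."""
    return all(word in resp.body for word in BODY_WORDS)


def content_type_matches(resp: HttpResponse) -> bool:
    """word matcher, part: content_type, condition: or -> any substring suffices."""
    return any(ct in resp.content_type() for ct in CONTENT_TYPES)


def status_matches(resp: HttpResponse) -> bool:
    """status matcher: exact match on the response code."""
    return resp.status == EXPECTED_STATUS


def is_exposed(resp: HttpResponse) -> bool:
    """matchers-condition: and -> all three matchers must fire."""
    return body_matches(resp) and content_type_matches(resp) and status_matches(resp)


def failed_matchers(resp: HttpResponse) -> list:
    """Names of the matchers that did not fire; handy when tuning a template."""
    checks = {
        "body": body_matches,
        "content_type": content_type_matches,
        "status": status_matches,
    }
    return [name for name, check in checks.items() if not check(resp)]


# Constructed sample responses (not captured from any real server).
# 1) Anonymous listing succeeds: the shape the template is written to flag.
EXPOSED = HttpResponse(
    status=200,
    headers={"Content-Type": "application/vnd.org.jfrog.build.Builds+json"},
    body=json.dumps({
        "uri": "https://artifactory.example.invalid/artifactory/api/build",
        "builds": [
            {"uri": "/example-build", "lastStarted": "2024-01-01T00:00:00.000+0000"},
        ],
    }),
)

# 2) Anonymous access disabled: JSON error body with a 401.
LOCKED_DOWN = HttpResponse(
    status=401,
    headers={"content-type": "application/json"},
    body=json.dumps({"errors": [{"status": 401, "message": "Unauthorized"}]}),
)

# 3) An HTML page that happens to contain the keywords: wrong content type.
LOGIN_PAGE = HttpResponse(
    status=200,
    headers={"Content-Type": "text/html"},
    body='<html>"builds" "uri" "lastStarted"</html>',
)


if __name__ == "__main__":
    samples = [("exposed", EXPOSED), ("locked_down", LOCKED_DOWN), ("login_page", LOGIN_PAGE)]
    for label, resp in samples:
        verdict = "EXPOSED" if is_exposed(resp) else "ok"
        print(f"{label}: {verdict} (failed matchers: {failed_matchers(resp)})")
```

Only the first sample is reported as exposed; the 401 body fails the body and status matchers, and the HTML page fails the content-type matcher even though every keyword is present, which is what the content-type matcher is there to prevent.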