CVE-2019-7238 - Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability
Project:Sonatype
Product:Nexus Repository Manager
Date Added:2021-12-10Due Date:2022-06-10
Vulnerability Name
Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability
Description
Sonatype Nexus Repository Manager before 3.15.0 has an incorrect access control vulnerability. Exploitation allows for remote code execution.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-7238