Assigner | Sonatype |
Reserved | 2024-05-15 |
Published | 2024-05-16 |
Updated | 2024-06-04 |
Description
Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Problem types
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Product status
3.0.0
Credits
Erick Fernando Xavier de Oliveira (erickfernandox)
References
https://support.sonatype.com/hc/en-us/articles/29416509323923