Описание
Unspecified vulnerability in Sonatype Nexus OSS and Pro 2.4.0 through 2.7.1 allows attackers to create arbitrary user accounts via unknown vectors related to "an unauthenticated execution path."
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sonatype:nexus:2.4.0:*:*:*:open_source:*:*:*
cpe:2.3:a:sonatype:nexus:2.4.0:*:*:*:professional:*:*:*
cpe:2.3:a:sonatype:nexus:2.5.0:*:*:*:open_source:*:*:*
cpe:2.3:a:sonatype:nexus:2.5.0:*:*:*:professional:*:*:*
cpe:2.3:a:sonatype:nexus:2.6.0:*:*:*:open_source:*:*:*
cpe:2.3:a:sonatype:nexus:2.6.0:*:*:*:professional:*:*:*
cpe:2.3:a:sonatype:nexus:2.6.1:*:*:*:open_source:*:*:*
cpe:2.3:a:sonatype:nexus:2.6.1:*:*:*:professional:*:*:*
cpe:2.3:a:sonatype:nexus:2.6.2:*:*:*:open_source:*:*:*
cpe:2.3:a:sonatype:nexus:2.6.2:*:*:*:professional:*:*:*
cpe:2.3:a:sonatype:nexus:2.6.3:*:*:*:open_source:*:*:*
cpe:2.3:a:sonatype:nexus:2.6.3:*:*:*:professional:*:*:*
cpe:2.3:a:sonatype:nexus:2.6.4:*:*:*:open_source:*:*:*
cpe:2.3:a:sonatype:nexus:2.6.4:*:*:*:professional:*:*:*
cpe:2.3:a:sonatype:nexus:2.6.5:*:*:*:professional:*:*:*
cpe:2.3:a:sonatype:nexus:2.7.0:*:*:*:open_source:*:*:*
cpe:2.3:a:sonatype:nexus:2.7.0:*:*:*:professional:*:*:*
cpe:2.3:a:sonatype:nexus:2.7.1:*:*:*:open_source:*:*:*
cpe:2.3:a:sonatype:nexus:2.7.1:*:*:*:professional:*:*:*
EPSS
Процентиль: 76%
0.00985
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
Unspecified vulnerability in Sonatype Nexus OSS and Pro 2.4.0 through 2.7.1 allows attackers to create arbitrary user accounts via unknown vectors related to "an unauthenticated execution path."
EPSS
Процентиль: 76%
0.00985
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo