Описание
A Directory Traversal issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.19. A user that requests a crafted path can traverse up the file system to get access to content on disk (that the user running nxrm also has access to).
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 2.0 (включая) до 2.14.19 (исключая)
cpe:2.3:a:sonatype:nexus_repository_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.00809
Низкий
8.6 High
CVSS3
7.8 High
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
больше 3 лет назад
A Directory Traversal issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.19. A user that requests a crafted path can traverse up the file system to get access to content on disk (that the user running nxrm also has access to).
EPSS
Процентиль: 74%
0.00809
Низкий
8.6 High
CVSS3
7.8 High
CVSS2
Дефекты
CWE-22