Affordable, manageable, understandable solution for cyber security. Get early access for Product X !
Details
Stay Up To Date
Need Membership

No

API Support

Yes

Estimate Time (Second)

30

Online Nexus Repository Manager 3 RCE Vulnerability (CVE-2020-10199) Scanner Detail

If you are using Nexus Repository Manager 3, it is better to check your system if any vulnerability exists.

Vulnerability

A Remote Code Execution vulnerability has been discovered in Nexus Repository Manager requiring immediate action. The vulnerability allows for an attacker with any type of account on NXRM to execute arbitrary code by crafting a malicious request to NXRM.

This vulnerability was identified by an external researcher and has been verified by Sonatype security team. The identified vulnerability can allow for the user to evaluate any code they send on the system, that the user running the server has privileges to.

Some Advice for Common Problems

We are highly recommending all affected instances of NXRM be upgraded to NXRM 3.21.2 or later. The latest version can be downloaded here.

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service