First published: Thu Nov 15 2018(Updated: )
Sonatype Nexus Repository Manager before 3.14 has Incorrect Access Control.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sonatype Nexus Repository Manager | <3.14.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-16620 is a vulnerability in Sonatype Nexus Repository Manager before version 3.14 that allows incorrect access control.
CVE-2018-16620 is classified as a high severity vulnerability with a severity value of 7.5.
CVE-2018-16620 affects Sonatype Nexus Repository Manager versions up to and excluding version 3.14.0.
To fix CVE-2018-16620, you should upgrade to version 3.14.0 or later of Sonatype Nexus Repository Manager.
You can find more information about CVE-2018-16620 on the Sonatype support website: https://support.sonatype.com/hc/en-us/articles/360010789453-CVE-2018-16620-Nexus-Repository-Manager-Missing-Access-Controls-October-17-2018.