First published: Mon Jul 08 2019(Updated: )
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sonatype Nexus Repository Manager | <3.17.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-9630 is a vulnerability in Sonatype Nexus Repository Manager before version 3.17.0 that allows unauthenticated users to have read permissions on repository files and images.
CVE-2019-9630 has a severity rating of 7.5 (high).
To fix CVE-2019-9630, upgrade Sonatype Nexus Repository Manager to version 3.17.0 or later.
The Common Weakness Enumeration (CWE) for CVE-2019-9630 is CWE-276.
You can find more information about CVE-2019-9630 at the following link: https://www.twistlock.com/labs-blog/vulnerabilities-nexus-repository-left-thousands-artifacts-exposed/