First published: Tue Nov 02 2021(Updated: )
Sonatype Nexus Repository Manager 3.x through 3.35.0 allows attackers to access the SSL Certificates Loading function via a low-privileged account.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sonatype Nexus Repository Manager | >=3.0.0<=3.35.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for Sonatype Nexus Repository Manager is CVE-2021-42568.
The severity of CVE-2021-42568 is medium (4.3).
Attackers can exploit CVE-2021-42568 by accessing the SSL Certificates Loading function via a low-privileged account.
Versions 3.0.0 through 3.35.0 of Sonatype Nexus Repository Manager are affected by CVE-2021-42568.
To fix the vulnerability in Sonatype Nexus Repository Manager, you should upgrade to a version higher than 3.35.0.