First published: Thu Nov 04 2021(Updated: )
Sonatype Nexus Repository Manager 3.x before 3.36.0 allows a remote authenticated attacker to potentially perform network enumeration via Server Side Request Forgery (SSRF).
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sonatype Nexus Repository Manager | >=3.0.0<=3.35.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2021-43293.
The severity of CVE-2021-43293 is medium (4.3).
Sonatype Nexus Repository Manager versions before 3.36.0 are affected by CVE-2021-43293.
An attacker can potentially perform network enumeration through Server Side Request Forgery (SSRF).
To fix CVE-2021-43293, upgrade to Sonatype Nexus Repository Manager version 3.36.0 or later.