Vulnerability identifier: #VU26535

Vulnerability risk: High

CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-10204

CWE-ID: CWE-20

Exploitation vector: Network

Exploits in database: 5

• June 3, 2020
  • CVE-2020-10199-10204 (CVE-2020-10199 CVE-2020-10204 Python POC) [Github]
  • CVE-2020-10199 (CVE-2020-10199、CVE-2020-10204、CVE-2020-11444) [Github]
  • CVE-2020-10199_CVE-2020-10204 (CVE-2020-10199、CVE-2020-10204漏洞一键检测工具，图形化界面。CVE-2020-10199 and CVE-2020-10204 Vul Tool with GUI.) [Github]
  • CVE-2020-10204 () [Github]
  • CVE-2020-10204 (CVE-2020-10204 远程命令执行脚本) [Github]

Impact: Code execution

Vulnerable software:
Nexus Repository Manager
Server applications / Other server solutions

Vendor: Sonatype Inc.