Multiple vulnerabilities in Sonatype Nexus Repository Manager



Published: 2019-07-08 | Updated: 2019-07-26
Risk: High
Patch available: Yes
Number of vulnerabilities: 2
CVE-ID: CVE-2019-9629, CVE-2019-9630
CWE-ID: CWE-255, CWE-264
Exploitation vector: Network
Public exploit: N/A
Vulnerable software:
Nexus Repository Manager (Server applications / Other server solutions)

Vendor: Sonatype Inc.

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Default administrative credentials

EUVDB-ID: #VU19393

Risk: High

CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-9629

CWE-ID: CWE-255 - Credentials Management

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to the application.

The vulnerability exists because the software ships with weak default administrative credentials. A remote attacker who knows the default credentials can compromise the application.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Nexus Repository Manager: 3.0.0-03 - 3.16.2-01

External links

http://www.twistlock.com/labs-blog/vulnerabilities-nexus-repository-left-thousands-artifacts-exposed/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU19395

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-9630

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists because the software uses a weak default security policy that allows all unauthenticated users to read files and images in the repository. A remote non-authenticated attacker can gain access to sensitive information.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Nexus Repository Manager: 3.0.0-03 - 3.16.2-01

External links

http://www.twistlock.com/labs-blog/vulnerabilities-nexus-repository-left-thousands-artifacts-exposed/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
