Description
Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Affected products
- sonatype / nexus_repository_manager3.0.0 β 3.0.0
- sonatype / nexus_repository_manager3.0.2 β 3.0.2
- sonatype / nexus_repository_manager3.0.1 β 3.0.1
- sonatype / nexus_repository_manager3.1.0 β 3.1.0
- sonatype / nexus_repository_manager3.2.0 β 3.2.0
- sonatype / nexus_repository_manager3.2.1 β 3.2.1
- sonatype / nexus_repository_manager3.3.0 β 3.3.0
- sonatype / nexus_repository_manager3.3.1 β 3.3.1
- sonatype / nexus_repository_manager3.3.2 β 3.3.2
- sonatype / nexus_repository_manager3.4.0 β 3.4.0
- sonatype / nexus_repository_manager3.5.0 β 3.5.0
- sonatype / nexus_repository_manager3.5.1 β 3.5.1
- sonatype / nexus_repository_manager3.5.2 β 3.5.2
- sonatype / nexus_repository_manager3.6.0 β 3.6.0
- sonatype / nexus_repository_manager3.6.1 β 3.6.1
- sonatype / nexus_repository_manager3.6.2 β 3.6.2
- sonatype / nexus_repository_manager3.7.0 β 3.7.0
- sonatype / nexus_repository_manager3.7.1 β 3.7.1
- sonatype / nexus_repository_manager3.8.0 β 3.8.0
- sonatype / nexus_repository_manager3.9.0 β 3.9.0
- sonatype / nexus_repository_manager3.10.0 β 3.10.0
- sonatype / nexus_repository_manager3.11.0 β 3.11.0
- sonatype / nexus_repository_manager3.12.0 β 3.12.0
- sonatype / nexus_repository_manager3.12.1 β 3.12.1
- sonatype / nexus_repository_manager3.13.0 β 3.13.0
- sonatype / nexus_repository_manager3.14.0 β 3.14.0
- sonatype / nexus_repository_manager3.15.0 β 3.15.0
- sonatype / nexus_repository_manager3.15.1 β 3.15.1
- sonatype / nexus_repository_manager3.15.2 β 3.15.2
- sonatype / nexus_repository_manager3.16.0 β 3.16.0
- sonatype / nexus_repository_manager3.16.1 β 3.16.1
- sonatype / nexus_repository_manager3.16.2 β 3.16.2
- sonatype / nexus_repository_manager3.17.0 β 3.17.0
- sonatype / nexus_repository_manager3.18.0 β 3.18.0
- sonatype / nexus_repository_manager3.18.1 β 3.18.1
- sonatype / nexus_repository_manager3.19.0 β 3.19.0
- sonatype / nexus_repository_manager3.19.1 β 3.19.1
- sonatype / nexus_repository_manager3.20.0 β 3.20.0
- sonatype / nexus_repository_manager3.20.1 β 3.20.1
- sonatype / nexus_repository_manager3.21.0 β 3.21.0
- sonatype / nexus_repository_manager3.21.1 β 3.21.1
- sonatype / nexus_repository_manager3.21.2 β 3.21.2
- sonatype / nexus_repository_manager3.22.0 β 3.22.0
- sonatype / nexus_repository_manager3.22.1 β 3.22.1
- sonatype / nexus_repository_manager3.23.0 β 3.23.0
- sonatype / nexus_repository_manager3.24.0 β 3.24.0
- sonatype / nexus_repository_manager3.25.0 β 3.25.0
- sonatype / nexus_repository_manager3.25.1 β 3.25.1
- sonatype / nexus_repository_manager3.26.0 β 3.26.0
- sonatype / nexus_repository_manager3.26.1 β 3.26.1
- sonatype / nexus_repository_manager3.27.0 β 3.27.0
- sonatype / nexus_repository_manager3.28.0 β 3.28.0
- sonatype / nexus_repository_manager3.28.1 β 3.28.1
- sonatype / nexus_repository_manager3.29.0 β 3.29.0
- sonatype / nexus_repository_manager3.29.2 β 3.29.2
- sonatype / nexus_repository_manager3.30.0 β 3.30.0
- sonatype / nexus_repository_manager3.30.1 β 3.30.1
- sonatype / nexus_repository_manager3.31.0 β 3.31.0
- sonatype / nexus_repository_manager3.31.1 β 3.31.1
- sonatype / nexus_repository_manager3.32.0 β 3.32.0
- sonatype / nexus_repository_manager3.33.0 β 3.33.0
- sonatype / nexus_repository_manager3.33.1 β 3.33.1
- sonatype / nexus_repository_manager3.34.0 β 3.34.0
- sonatype / nexus_repository_manager3.34.1 β 3.34.1
- sonatype / nexus_repository_manager3.35.0 β 3.35.0
- sonatype / nexus_repository_manager3.36.0 β 3.36.0
- sonatype / nexus_repository_manager3.37.0 β 3.37.0
- sonatype / nexus_repository_manager3.37.1 β 3.37.1
- sonatype / nexus_repository_manager3.32.1 β 3.32.1
- sonatype / nexus_repository_manager3.37.2 β 3.37.2
- sonatype / nexus_repository_manager3.37.3 β 3.37.3
- sonatype / nexus_repository_manager3.38.0 β 3.38.0
- sonatype / nexus_repository_manager3.38.1 β 3.38.1
- sonatype / nexus_repository_manager3.39.0 β 3.39.0
- sonatype / nexus_repository_manager3.40.0 β 3.40.0
- sonatype / nexus_repository_manager3.40.1 β 3.40.1
- sonatype / nexus_repository_manager3.41.0 β 3.41.0
- sonatype / nexus_repository_manager3.41.1 β 3.41.1
- sonatype / nexus_repository_manager3.42.0 β 3.42.0
- sonatype / nexus_repository_manager3.43.0 β 3.43.0
- sonatype / nexus_repository_manager3.44.0 β 3.44.0
- sonatype / nexus_repository_manager3.45.0 β 3.45.0
- sonatype / nexus_repository_manager3.45.1 β 3.45.1
- sonatype / nexus_repository_manager3.46.0 β 3.46.0
- sonatype / nexus_repository_manager3.47.0 β 3.47.0
- sonatype / nexus_repository_manager3.47.1 β 3.47.1
- sonatype / nexus_repository_manager3.48.0 β 3.48.0
- sonatype / nexus_repository_manager3.49.0 β 3.49.0
- sonatype / nexus_repository_manager3.50.0 β 3.50.0
- sonatype / nexus_repository_manager3.51.0 β 3.51.0
- sonatype / nexus_repository_manager3.52.0 β 3.52.0
- sonatype / nexus_repository_manager3.53.0 β 3.53.0
- sonatype / nexus_repository_manager3.53.1 β 3.53.1
- sonatype / nexus_repository_manager3.54.0 β 3.54.0
- sonatype / nexus_repository_manager3.54.1 β 3.54.1
- sonatype / nexus_repository_manager3.55.0 β 3.55.0
- sonatype / nexus_repository_manager3.56.0 β 3.56.0
- sonatype / nexus_repository_manager3.57.0 β 3.57.0
- sonatype / nexus_repository_manager3.57.1 β 3.57.1
- sonatype / nexus_repository_manager3.58.0 β 3.58.0
- sonatype / nexus_repository_manager3.58.1 β 3.58.1
- sonatype / nexus_repository_manager3.59.0 β 3.59.0
- sonatype / nexus_repository_manager3.60.0 β 3.60.0
- sonatype / nexus_repository_manager3.61.0 β 3.61.0
- sonatype / nexus_repository_manager3.62.0 β 3.62.0
- sonatype / nexus_repository_manager3.63.0 β 3.63.0
- sonatype / nexus_repository_manager3.64.0 β 3.64.0
- sonatype / nexus_repository_manager3.65.0 β 3.65.0
- sonatype / nexus_repository_manager3.66.0 β 3.66.0
- sonatype / nexus_repository_manager3.67.0 β 3.67.0
- sonatype / nexus_repository_manager3.67.1 β 3.67.1
- sonatype / nexus_repository_manager3.68.0 β 3.68.0
Exploits & PoCs
- nucleiSonatype Nexus Repository Manager 3 - Local File Inclusionby ritikchaddha