Nexus Repository Manager 3 Remote Code Execution Vulnerability (CVE-2019-7238)

Sonatype released a patch earlier this month that fixes a Remote Code Execution (RCE) vulnerability in Nexus Repository Manager 3. The vulnerability exists because Nexus Repository Manager fails to implement Access Controls properly which leads to Remote Code Execution vulnerability. This vulnerability affects¬†Nexus Repository Manager 3.6.2 OSS/Pro versions up to and including 3.14.0. Vulnerability Analysis: … Continue reading “Nexus Repository Manager 3 Remote Code Execution Vulnerability (CVE-2019-7238)”