SKumar1632984218
Contributor

Vulnerability Issue: CVE-2020-10199

Vulnerability: CVE-2020-10199

Sonatype Nexus Repository Manager 3.x < 3.21.2 RCE

Synopsis: The Nexus Repository Manager server running on the remote host is affected by a remote code execution vulnerability.

Description: The Sonatype Nexus Repository Manager server application running on the remote host is version 3.x prior to 3.21.2. It is, therefore, affected by a remote code execution vulnerability, which allows for an attacker with any type of account on NXRM to execute arbitrary code by crafting a malicious request to NXRM.

1 Reply
Anonymous
Not applicable

Hello,

I believe this vulnerability is related to the same issue as described in the Sonatype article below:

https://support.sonatype.com/hc/en-us/articles/360044882533-CVE-2020-10199-Nexus-Repository-Manager-3-Remote-Code-Execution-2020-03-31

and as per the recommendation:

"We are highly recommending all affected instances of NXRM be upgraded to NXRM 3.21.2 or later."

We do support Nexus 3.30 starting with Talend version 7.3.1, so please upgrade to avoid any issues.
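
For triaging an inventory against the affected range stated in the finding above (3.x prior to 3.21.2), here is an added example that is not part of the original thread. It compares versions numerically, because a plain string comparison would rank 3.9.0 above 3.21.2 and report it as fixed. The host names, the sample version strings, and the `-NN` build suffix and `Nexus/... (OSS)` banner formats are assumptions constructed for illustration.

```python
import re

# First fixed release, per the recommendation quoted in the thread.
FIXED = (3, 21, 2)

# major.minor.patch, optionally followed by a build suffix such as "-01"
# (the suffix and banner formats are assumptions, not taken from the thread).
_VERSION = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)(?:-\d+)?")


def classify(version_text):
    """Return 'affected', 'fixed', 'out-of-scope' or 'unknown'."""
    match = _VERSION.search(version_text or "")
    if not match:
        return "unknown"  # no parseable version: needs a manual check
    version = tuple(int(part) for part in match.groups())
    if version[0] != 3:
        return "out-of-scope"  # the finding covers the 3.x line only
    # Tuple comparison is numeric per component, so (3, 9, 0) < (3, 21, 2).
    return "affected" if version < FIXED else "fixed"


def triage(inventory):
    """Group hosts that need an upgrade or a manual version check."""
    report = {"affected": [], "unknown": []}
    for host, version_text in inventory:
        status = classify(version_text)
        if status in report:
            report[status].append(host)
    return report


# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE = [
    ("nexus-a.example.internal", "3.21.1-01"),
    ("nexus-b.example.internal", "3.21.2-03"),
    ("nexus-c.example.internal", "Nexus/3.9.0-01 (OSS)"),
    ("nexus-d.example.internal", "3.30.0-01"),
    ("nexus-e.example.internal", "2.14.16-01"),
    ("nexus-f.example.internal", ""),
]

if __name__ == "__main__":
    for host, version_text in SAMPLE:
        print(f"{host}: {classify(version_text)}")
```
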