Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Vulnerability : CVE-2020-10199
Sonatype Nexus Repository Manager 3.x < 3.21.2 RCE
Synopsis :The Nexus Repository Manager server running on the remote host is affected by a remote code execution vulnerability.
Description: The Sonatype Nexus Repository Manager server application running on the remote host is version 3.x prior to 3.21.2. It is, therefore, affected by a remote code execution vulnerability, which allows for an attacker with any type of account on NXRM to execute arbitrary code by crafting a malicious request to NXRM.
Hello,
I believe this vulnerability is related to the same issue as described in below sonatype article:
https://support.sonatype.com/hc/en-us/articles/360044882533-CVE-2020-10199-Nexus-Repository-Manager-3-Remote-Code-Execution-2020-03-31
and as per the recommendation:
"We are highly recommending all affected instances of NXRM be upgraded to NXRM 3.21.2 or later."
We do support nexus 3.30 starting Talend 7.3.1 version, so please upgrade to avoid any issues.