Lucene search
HistoryJan 17, 2014 - 8:55 p.m.
CVE-2014-0792
cve-2014-0792
sonatype nexus
remote attackers
arbitrary objects
arbitrary code
unmarshalling
object types
security vulnerability
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.9 High
AI Score
Confidence
Low
0.032 Low
EPSS
Percentile
91.2%
Sonatype Nexus 1.x and 2.x before 2.7.1 allows remote attackers to create arbitrary objects and execute arbitrary code via unspecified vectors related to unmarshalling of unintended Object types.
Affected configurations
Node
sonatypenexusMatch1.0
ORsonatypenexusMatch2.0
ORsonatypenexusMatch2.0.1
ORsonatypenexusMatch2.0.2
ORsonatypenexusMatch2.0.3
ORsonatypenexusMatch2.0.4
ORsonatypenexusMatch2.0.41
ORsonatypenexusMatch2.0.5
ORsonatypenexusMatch2.0.6
ORsonatypenexusMatch2.1
ORsonatypenexusMatch2.1.1
ORsonatypenexusMatch2.2
ORsonatypenexusMatch2.3.1
ORsonatypenexusMatch2.4.0
ORsonatypenexusMatch2.5.0
ORsonatypenexusMatch2.5.1
ORsonatypenexusMatch2.6.0
ORsonatypenexusMatch2.6.1
ORsonatypenexusMatch2.6.2
ORsonatypenexusMatch2.6.3
ORsonatypenexusMatch2.6.4
ORsonatypenexusMatch2.7.0
ORsonatypenexusMatch2.7.004
ORsonatypenexusMatch2.7.005
ORsonatypenexusMatch2.7.006
Related
prion
prion
Code injection
2014-01-17 20:55:00
ubuntucve
ubuntucve
CVE-2014-0792
2014-01-17 00:00:00
cvelist
cvelist
CVE-2014-0792
2014-01-17 16:00:00
nvd
nvd
CVE-2014-0792
2014-01-17 20:55:04
veracode
veracode
Remote Code Execution (RCE)
2019-03-25 08:40:41
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.9 High
AI Score
Confidence
Low
0.032 Low
EPSS
Percentile
91.2%
Related for CVE-2014-0792