CVE-2021-34553

2021-06-1723:41:27

mitre

www.cve.org

4.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.8%

JSON

Sonatype Nexus Repository Manager 3.x before 3.31.0 allows a remote authenticated attacker to get a list of blob files and read the content of a blob file (via a GET request) without having been granted access.

References

support.sonatype.com/hc/en-us/articles/4402433828371