Lucene search
103e4ec9-0a87-450b-af77-479448ddef11NVD:CVE-2024-4956HistoryMay 16, 2024 - 4:15 p.m.
CVE-2024-4956
2024-05-1616:15:10
CWE-22
103e4ec9-0a87-450b-af77-479448ddef11
web.nvd.nist.gov
2
cve-2024-4956
path traversal
sonatype nexus repository 3
unauthenticated attacker
read system files
fixed version 3.68.1
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.013 Low
EPSS
Percentile
85.7%
Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1.
Related
githubexploit
githubexploit
Exploit for CVE-2024-4956
2024-06-09 10:57:29
Exploit for CVE-2024-4956
2024-05-23 16:46:28
Exploit for CVE-2024-4956
2024-05-30 08:04:27
vulnrichment
vulnrichment
CVE-2024-4956 Nexus Repository 3 - Path Traversal
2024-05-16 15:31:01
nuclei
nuclei
Sonatype Nexus Repository Manager 3 - Local File Inclusion
2024-05-23 06:24:19
cve
cve
CVE-2024-4956
2024-05-16 16:15:10
cvelist
cvelist
CVE-2024-4956 Nexus Repository 3 - Path Traversal
2024-05-16 15:31:01
openvas
openvas
Generic HTTP Directory Traversal (Web Root) - Active Check
2017-04-18 00:00:00
Generic HTTP Directory Traversal (Web Dirs) - Active Check
2021-07-22 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.013 Low
EPSS
Percentile
85.7%
Related for NVD:CVE-2024-4956