6.5 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
49.8%
Sonatype Nexus Repository Manager 3.x before 3.31.0 allows a remote authenticated attacker to get a list of blob files and read the content of a blob file (via a GET request) without having been granted access.
support.sonatype.com/hc/en-us/articles/4402433828371