CVE-2021-42568

2021-11-0213:15:07

Google

osv.dev

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.3%

JSON

Sonatype Nexus Repository Manager 3.x through 3.35.0 allows attackers to access the SSL Certificates Loading function via a low-privileged account.

CPENameOperatorVersion
nexus-publiceqrelease-3.33.0-01
nexus-publiceqrelease-3.22.1-02
nexus-publiceqrelease-3.21.0-05
nexus-publiceqrelease-3.31.1-01
nexus-publiceqrelease-3.35.0-02
nexus-publiceqrelease-3.4.0-02
nexus-publiceqrelease-3.5.0-02
nexus-publiceqrelease-3.33.1-01
nexus-publiceqrelease-3.27.0-03
nexus-publiceqrelease-3.32.0-03

Name	Operator	Version
nexus-public	eq	release-3.33.0-01
nexus-public	eq	release-3.22.1-02
nexus-public	eq	release-3.21.0-05
nexus-public	eq	release-3.31.1-01
nexus-public	eq	release-3.35.0-02
nexus-public	eq	release-3.4.0-02
nexus-public	eq	release-3.5.0-02
nexus-public	eq	release-3.33.1-01
nexus-public	eq	release-3.27.0-03
nexus-public	eq	release-3.32.0-03