2 matches found
CVE-2014-2034
CVE-2014-2034 affects Sonatype Nexus OSS/Pro 2.4.0–2.7.1, where an unauthenticated execution path enables attackers to create arbitrary user accounts. The vulnerability is described as a security bypass that could allow account creation without authentication. Public sources within connected data...
Sonatype Nexus安全绕过漏洞
Bugtraq ID:65956 CVE ID:CVE-2014-2034 Sonatype Nexus是一款功能强大的仓库管理器。 Sonatype Nexus存在未明错误,允许远程恶意用户绕过安全限制,访问受限功能,如创建管理员账户。 0 Sonatype Nexus 2.4.0 - 2.7.1 厂商补丁: Sonatype ----- Sonatype Nexus 2.7.2已经修复该漏洞,建议用户下载更新: http://www.sonatype.org...