Lucene search
Veracode Vulnerability DatabaseVERACODE:21421HistorySep 04, 2019 - 3:34 a.m.
Remote Code Execution
2019-09-0403:34:54
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.008 Low
EPSS
Percentile
81.1%
nexus-yum-repository-plugin is vulnerable to remote code execution. An attacker with administrative access to nxrm is able to execute arbitrary OS commands on the system by setting the path of createrepo or mergerepo to an OS command in the XML input.
| CPE | Name | Operator | Version |
|---|---|---|---|
| nexus-yum-repository-plugin | le | 2.14.13-01 |
Related
cve
cve
CVE-2019-5475
2019-09-03 20:15:11
CVE-2019-15588
2019-11-01 15:15:11
osv
osv
OS Command Injection in Nexus Yum Repository Plugin
2019-09-11 23:04:57
CVE-2019-5475
2019-09-03 20:15:11
CVE-2019-15588
2019-11-01 15:15:11
prion
prion
Remote code execution
2019-09-03 20:15:00
Command injection
2019-11-01 15:15:00
hackerone
hackerone
github
github
OS Command Injection in Nexus Yum Repository Plugin
2019-09-11 23:04:57
githubexploit
githubexploit
Exploit for OS Command Injection in Sonatype Nexus Repository Manager
2019-09-25 16:22:56
Exploit for OS Command Injection in Sonatype Nexus Repository Manager
2020-04-12 15:49:36
Exploit for OS Command Injection in Sonatype Nexus Repository Manager
2020-12-19 05:11:03
cvelist
cvelist
CVE-2019-5475
2019-09-03 19:13:43
CVE-2019-15588
2019-11-01 14:46:12
nvd
nvd
CVE-2019-5475
2019-09-03 20:15:11
CVE-2019-15588
2019-11-01 15:15:11
symantec
symantec
veracode
veracode
Remote Code Execution
2019-11-04 02:17:36
freebsd
freebsd
nexus2-oss -- Multiple vulerabilities
2019-09-19 00:00:00
nessus
nessus