Directory Traversal Vulnerability in Sonatype Nexus Repository Manager 2.x

Directory Traversal Vulnerability in Sonatype Nexus Repository Manager 2.x

CVE-2020-15012 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

A Directory Traversal issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.19. A user that requests a crafted path can traverse up the file system to get access to content on disk (that the user running nxrm also has access to).

Learn more about our User Device Pen Test.