Vulnerability-Lookup

WID-SEC-W-2025-2864

Vulnerability from csaf_certbund - Published: 2025-12-16 23:00 - Updated: 2025-12-16 23:00

Summary

Sonatype Nexus Repository Manager: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Sonatype Nexus Repository Manager ist ein Verwaltungstool für Software-Bestandteile.

Angriff

Ein Angreifer kann mehrere Schwachstellen in Sonatype Nexus Repository Manager ausnutzen, um Informationen offenzulegen und Cross-Site-Scripting-Angriffe durchzuführen.

Betroffene Betriebssysteme

- Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Sonatype Nexus Repository Manager ist ein Verwaltungstool f\u00fcr Software-Bestandteile.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Sonatype Nexus Repository Manager ausnutzen, um Informationen offenzulegen und Cross-Site-Scripting-Angriffe durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-2864 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2864.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-2864 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2864"
      },
      {
        "category": "external",
        "summary": "Sonatype Nexus Security Advisory vom 2025-12-16",
        "url": "https://support.sonatype.com/hc/en-us/articles/46896142768019-CVE-2025-13488-Nexus-Repository-3-Stored-Cross-Site-Scripting-XSS-2025-12-04"
      },
      {
        "category": "external",
        "summary": "Sonatype Nexus Security Advisory vom 2025-12-16",
        "url": "https://support.sonatype.com/hc/en-us/articles/45363201583635-CVE-2025-9868-Nexus-Repository-2-SSRF-Vulnerability-in-Remote-Browser-Plugin"
      },
      {
        "category": "external",
        "summary": "Sonatype Nexus Security Advisory vom 2025-12-16",
        "url": "https://support.sonatype.com/hc/en-us/articles/34496708991507-CVE-2024-5764-Nexus-Repository-Manager-3-Static-hard-coded-encryption-passphrase-used-by-default-2024-10-17"
      }
    ],
    "source_lang": "en-US",
    "title": "Sonatype Nexus Repository Manager: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-12-16T23:00:00.000+00:00",
      "generator": {
        "date": "2025-12-17T11:04:59.640+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2025-2864",
      "initial_release_date": "2025-12-16T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-12-16T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "CE/Pro  \u003c3.87.0",
                "product": {
                  "name": "Sonatype Nexus Repository Manager CE/Pro  \u003c3.87.0",
                  "product_id": "T049486"
                }
              },
              {
                "category": "product_version",
                "name": "CE/Pro  3.87.0",
                "product": {
                  "name": "Sonatype Nexus Repository Manager CE/Pro  3.87.0",
                  "product_id": "T049486-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:sonatype:nexus_repository_manager:cepro___3.87.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "2",
                "product": {
                  "name": "Sonatype Nexus Repository Manager 2",
                  "product_id": "T049487",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:sonatype:nexus_repository_manager:2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c3",
                "product": {
                  "name": "Sonatype Nexus Repository Manager \u003c3",
                  "product_id": "T049488"
                }
              },
              {
                "category": "product_version",
                "name": "3",
                "product": {
                  "name": "Sonatype Nexus Repository Manager 3",
                  "product_id": "T049488-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:sonatype:nexus_repository_manager:3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "OSS/Pro \u003c3.73.0",
                "product": {
                  "name": "Sonatype Nexus Repository Manager OSS/Pro \u003c3.73.0",
                  "product_id": "T049489"
                }
              },
              {
                "category": "product_version",
                "name": "OSS/Pro 3.73.0",
                "product": {
                  "name": "Sonatype Nexus Repository Manager OSS/Pro 3.73.0",
                  "product_id": "T049489-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:sonatype:nexus_repository_manager:osspro__3.73.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Nexus Repository Manager"
          }
        ],
        "category": "vendor",
        "name": "Sonatype"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-5764",
      "product_status": {
        "known_affected": [
          "T049488",
          "T049489"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2024-5764"
    },
    {
      "cve": "CVE-2025-13488",
      "product_status": {
        "known_affected": [
          "T049488",
          "T049486",
          "T049489"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-13488"
    },
    {
      "cve": "CVE-2025-9868",
      "product_status": {
        "known_affected": [
          "T049488",
          "T049487"
        ]
      },
      "release_date": "2025-12-16T23:00:00.000+00:00",
      "title": "CVE-2025-9868"
    }
  ]
}

CVE-2025-13488 (GCVE-0-2025-13488)

Vulnerability from cvelistv5 – Published: 2025-12-04 18:16 – Updated: 2025-12-04 20:00

Title

Nexus Repository 3 - Stored Cross-Site Scripting (XSS)

Summary

Due to a regression introduced in version 3.83.0, a security header is no longer applied to certain user-uploaded content served from repositories. This may allow an authenticated attacker with repository upload privileges to exploit a stored cross-site scripting (XSS) vulnerability with user context.

Severity ?

5.1 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')

Assigner

Sonatype

References

URL

Tags

	https://help.sonatype.com/en/sonatype-nexus-repos…	patch
	https://support.sonatype.com/hc/en-us/articles/46…	vendor-advisory

Impacted products

	Vendor	Product	Version
	Sonatype	Nexus Repository	Affected: 3.83.0 , ≤ 3.86.2 (semver) cpe:2.3:a:sonatype:nexus_repository_manager:3.83.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.83.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.83.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.84.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.84.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.85.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.86.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.86.2:::::::*

Credits

Seif Elsallamy / @0x21SAFE

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-13488",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-04T18:55:03.160324Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-04T20:00:41.734Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.83.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.83.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.83.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.84.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.84.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.85.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.86.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.86.2:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Nexus Repository",
          "vendor": "Sonatype",
          "versions": [
            {
              "lessThanOrEqual": "3.86.2",
              "status": "affected",
              "version": "3.83.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Seif Elsallamy / @0x21SAFE"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDue to a regression introduced in version 3.83.0, a security header is no longer applied to certain user-uploaded content served from repositories. This may allow an authenticated attacker with repository upload privileges to exploit a stored cross-site scripting (\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eXSS\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e) vulnerability with user context.\u003c/span\u003e"
            }
          ],
          "value": "Due to a regression introduced in version 3.83.0, a security header is no longer applied to certain user-uploaded content served from repositories. This may allow an authenticated attacker with repository upload privileges to exploit a stored cross-site scripting (XSS) vulnerability with user context."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "PASSIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-04T18:16:56.582Z",
        "orgId": "103e4ec9-0a87-450b-af77-479448ddef11",
        "shortName": "Sonatype"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://help.sonatype.com/en/sonatype-nexus-repository-3-87-0-release-notes.html"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://support.sonatype.com/hc/en-us/articles/46896142768019"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Nexus Repository 3 - Stored Cross-Site Scripting (XSS)",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "103e4ec9-0a87-450b-af77-479448ddef11",
    "assignerShortName": "Sonatype",
    "cveId": "CVE-2025-13488",
    "datePublished": "2025-12-04T18:16:56.582Z",
    "dateReserved": "2025-11-20T20:16:15.824Z",
    "dateUpdated": "2025-12-04T20:00:41.734Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-5764 (GCVE-0-2024-5764)

Vulnerability from cvelistv5 – Published: 2024-10-23 14:47 – Updated: 2024-10-23 15:55

Title

Nexus Repository 3 - Static hard-coded encryption passphrase used by default

Summary

Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (SMTP or HTTP proxy credentials, user tokens, tokens, among others). The affected versions relied on a static hard-coded encryption passphrase. While it was possible for an administrator to define an alternate encryption passphrase, it could only be done at first boot and not updated. This issue affects Nexus Repository: from 3.0.0 through 3.72.0.

Severity ?

5.9 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CWE

CWE-798 - Use of Hard-coded Credentials

Assigner

Sonatype

References

URL

Tags

https://support.sonatype.com/hc/en-us/articles/34…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Sonatype	Nexus Repository	Affected: 3.0.0 , ≤ 3.72.0 (semver) cpe:2.3:a:sonatype:nexus_repository_manager:3.0.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.0.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.0.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.1.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.2.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.2.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.3.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.3.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.3.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.4.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.5.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.5.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.5.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.6.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.6.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.6.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.7.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.7.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.8.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.9.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.10.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.11.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.12.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.12.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.13.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.14.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.15.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.15.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.15.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.16.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.16.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.16.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.17.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.18.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.18.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.19.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.19.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.20.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.20.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.21.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.21.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.21.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.22.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.22.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.23.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.24.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.25.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.25.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.26.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.26.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.27.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.28.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.28.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.29.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.29.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.30.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.30.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.31.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.31.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.32.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.33.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.33.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.34.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.34.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.35.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.36.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.37.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.37.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.32.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.37.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.37.3:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.38.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.38.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.39.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.40.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.40.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.41.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.41.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.42.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.43.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.44.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.45.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.45.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.46.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.47.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.47.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.48.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.49.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.50.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.51.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.52.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.53.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.53.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.54.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.54.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.55.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.56.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.57.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.57.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.58.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.58.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.59.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.60.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.61.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.62.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.63.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.64.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.65.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.66.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.67.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.67.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.68.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.68.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.69.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.70.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.70.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.70.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.70.3:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.71.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:3.72.0:::::::*

Credits

Dylan Evans at/of Maveris, LLC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5764",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T15:54:50.774189Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-23T15:55:05.124Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.1.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.3.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.5.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.5.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.5.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.6.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.6.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.7.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.7.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.8.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.9.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.10.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.11.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.12.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.12.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.13.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.14.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.15.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.15.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.15.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.16.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.16.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.16.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.17.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.18.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.18.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.19.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.19.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.20.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.20.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.21.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.21.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.21.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.22.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.22.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.23.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.24.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.25.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.25.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.26.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.26.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.27.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.28.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.28.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.29.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.29.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.30.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.30.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.31.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.31.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.32.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.33.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.33.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.34.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.34.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.35.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.36.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.37.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.37.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.32.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.37.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.37.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.38.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.38.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.39.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.40.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.40.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.41.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.41.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.42.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.43.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.44.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.45.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.45.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.46.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.47.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.47.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.48.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.49.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.50.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.51.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.52.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.53.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.53.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.54.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.54.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.55.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.56.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.57.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.57.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.58.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.58.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.59.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.60.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.61.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.62.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.63.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.64.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.65.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.66.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.67.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.67.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.68.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.68.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.69.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.70.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.70.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.70.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.70.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.71.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.72.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Nexus Repository",
          "vendor": "Sonatype",
          "versions": [
            {
              "lessThanOrEqual": "3.72.0",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Dylan Evans at/of Maveris, LLC"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUse of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (SMTP or HTTP proxy credentials, user tokens, tokens, among others). The affected versions relied on a static hard-coded encryption passphrase. While it was possible for an administrator to define an alternate encryption passphrase, it could only be done at first boot and not updated.\u003c/p\u003e\u003cp\u003eThis issue affects Nexus Repository: from 3.0.0 through 3.72.0.\u003c/p\u003e"
            }
          ],
          "value": "Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (SMTP or HTTP proxy credentials, user tokens, tokens, among others). The affected versions relied on a static hard-coded encryption passphrase. While it was possible for an administrator to define an alternate encryption passphrase, it could only be done at first boot and not updated.\n\nThis issue affects Nexus Repository: from 3.0.0 through 3.72.0."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798 Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T14:47:55.783Z",
        "orgId": "103e4ec9-0a87-450b-af77-479448ddef11",
        "shortName": "Sonatype"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://support.sonatype.com/hc/en-us/articles/34496708991507"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Nexus Repository 3 - Static hard-coded encryption passphrase used by default",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "103e4ec9-0a87-450b-af77-479448ddef11",
    "assignerShortName": "Sonatype",
    "cveId": "CVE-2024-5764",
    "datePublished": "2024-10-23T14:47:55.783Z",
    "dateReserved": "2024-06-07T20:20:30.499Z",
    "dateUpdated": "2024-10-23T15:55:05.124Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-9868 (GCVE-0-2025-9868)

Vulnerability from cvelistv5 – Published: 2025-10-08 17:07 – Updated: 2025-10-08 17:23

Title

Nexus Repository 2 - SSRF Vulnerability in Remote Browser Plugin

Summary

Server-Side Request Forgery (SSRF) in the Remote Browser Plugin in Sonatype Nexus Repository 2.x up to and including 2.15.2 allows unauthenticated remote attackers to exfiltrate proxy repository credentials via crafted HTTP requests.

Severity ?

8.7 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CWE

CWE-918 - Server-Side Request Forgery (SSRF)

Assigner

Sonatype

References

URL

Tags

https://support.sonatype.com/hc/en-us/articles/45…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Sonatype	Nexus Repository	Affected: 2.0.0 , ≤ 2.15.2 (semver) cpe:2.3:a:sonatype:nexus_repository_manager:2.0.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.0.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.0.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.0.3:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.0.4:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.0.5:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.0.6:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.1.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.1.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.1.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.2.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.2.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.3.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.3.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.4.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.5.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.5.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.6.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.6.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.6.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.6.3:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.6.4:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.7.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.7.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.7.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.8.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.8.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.9.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.9.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.9.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.10.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.11.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.11.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.11.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.11.3:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.11.4:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.12.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.12.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.13.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.2:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.3:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.4:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.5:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.6:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.7:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.8:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.9:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.10:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.11:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.12:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.13:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.14:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.15:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.16:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.17:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.18:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.19:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.20:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.14.21:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.15.0:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.15.1:::::::* cpe:2.3:a:sonatype:nexus_repository_manager:2.15.2:::::::*

Credits

Michael Stepankin at GitHub Security Lab

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9868",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-08T17:23:28.489309Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-08T17:23:36.055Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.1.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.1.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.5.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.5.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.6.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.6.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.6.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.6.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.7.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.7.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.7.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.8.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.8.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.9.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.9.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.9.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.10.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.11.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.11.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.11.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.11.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.11.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.12.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.12.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.13.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.10:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.11:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.12:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.13:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.14:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.15:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.16:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.17:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.18:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.19:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.20:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.14.21:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.15.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.15.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:2.15.2:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Nexus Repository",
          "vendor": "Sonatype",
          "versions": [
            {
              "lessThanOrEqual": "2.15.2",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Michael Stepankin at GitHub Security Lab"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Server-Side Request Forgery (SSRF) in the Remote Browser Plugin in Sonatype Nexus Repository 2.x up to and including 2.15.2 allows unauthenticated remote attackers to exfiltrate proxy repository credentials via crafted HTTP requests."
            }
          ],
          "value": "Server-Side Request Forgery (SSRF) in the Remote Browser Plugin in Sonatype Nexus Repository 2.x up to and including 2.15.2 allows unauthenticated remote attackers to exfiltrate proxy repository credentials via crafted HTTP requests."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918 Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-08T17:07:45.543Z",
        "orgId": "103e4ec9-0a87-450b-af77-479448ddef11",
        "shortName": "Sonatype"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://support.sonatype.com/hc/en-us/articles/45363201583635"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Nexus Repository 2 - SSRF Vulnerability in Remote Browser Plugin",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "103e4ec9-0a87-450b-af77-479448ddef11",
    "assignerShortName": "Sonatype",
    "cveId": "CVE-2025-9868",
    "datePublished": "2025-10-08T17:07:45.543Z",
    "dateReserved": "2025-09-02T19:35:28.000Z",
    "dateUpdated": "2025-10-08T17:23:36.055Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2025-2864

CVE-2025-13488 (GCVE-0-2025-13488)

CVE-2024-5764 (GCVE-0-2024-5764)

CVE-2025-9868 (GCVE-0-2025-9868)

Tags

Sightings

Nomenclature