Unauthenticated Path Traversal Vulnerability in Sonatype Nexus Repository
CVE-2024-4956
Key Information
- Vendor: Sonatype
- Status
- Nexus Repository
- Vendor
- CVE Published: 16 May 2024
What is CVE-2024-4956?
CVE-2024-4956 is a vulnerability identified in Sonatype Nexus Repository 3, a widely utilized repository management software that facilitates the storage and retrieval of software artifacts. This vulnerability allows an unauthenticated attacker to perform a path traversal attack, enabling them to access sensitive system files without needing valid credentials. The implications for organizations using this software are significant, as unauthorized access to such files can lead to data leakage and other security breaches.
Technical Details
The vulnerability is classified as a path traversal issue, which occurs when an application does not properly validate user input, allowing an attacker to manipulate file paths to gain access to files outside of the intended directory. In the case of Sonatype Nexus Repository 3, this flaw allows attackers to read system files, potentially exposing sensitive data. The vulnerability has been addressed in version 3.68.1 of the software, and organizations using earlier versions are at risk.
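The following is an added example, not code from Sonatype or from this page: a log-triage check that flags requests whose path climbs above the web root once percent-encoding is undone, and records whether the request carried a user name. The NCSA-style log layout (user in the third field) is an assumption, and the sample lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Assumed NCSA-style layout: host ident user [time] "METHOD target PROTO" status
LINE = re.compile(r'^(\S+) \S+ (\S+) \[[^\]]*\] "(\S+) (\S+) [^"]*" (\d{3})')

def escapes_root(target, max_rounds=3):
    """Return True if the decoded request path climbs above the web root."""
    path = target.split("?", 1)[0]
    for _ in range(max_rounds):  # undo nested encodings such as %252e
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    depth = 0
    for seg in path.replace("\\", "/").split("/"):
        if seg in ("", "."):  # these do not change depth on a filesystem
            continue
        if seg == "..":
            depth -= 1
            if depth < 0:
                return True
        else:
            depth += 1
    return False

def triage(lines):
    """Collect traversal attempts with the caller's host, auth state and status."""
    hits = []
    for line in lines:
        m = LINE.match(line)
        if m is None:
            continue
        host, user, _method, target, status = m.groups()
        if escapes_root(target):
            hits.append({"host": host, "authenticated": user != "-",
                         "target": target, "status": int(status)})
    return hits

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE = [
    '192.0.2.10 - - [16/May/2024:10:00:01 +0000] "GET /repository/maven-public/app-1.0.jar HTTP/1.1" 200 1024',
    '198.51.100.7 - - [16/May/2024:10:00:05 +0000] "GET /%2e%2e/%2e%2e/some/system/file HTTP/1.1" 200 220',
    '198.51.100.7 - - [16/May/2024:10:00:06 +0000] "GET /static/%252e%252e/%252e%252e/x HTTP/1.1" 404 0',
    '192.0.2.11 - admin [16/May/2024:10:00:09 +0000] "GET /repository/a/../b/file.txt HTTP/1.1" 200 10',
]

if __name__ == "__main__":
    for hit in triage(SAMPLE):
        print(hit)
```

An unauthenticated hit that returned status 200 on an instance running 3.68.0 or earlier is the case to review first.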
Impact of the Vulnerability
- Unauthorized Data Access: Attackers can read sensitive system files, potentially leading to data breaches and exposure of confidential information.
- Increased Attack Surface: The ability to reach critical files could allow malicious actors to identify further vulnerabilities or sensitive information that could be exploited for additional attacks.
- Regulatory and Compliance Risks: Organizations may face legal and regulatory consequences if sensitive information is exposed due to inaction on this vulnerability, affecting their reputation and finances.
Affected Version(s)
Nexus Repository <= 3.68.0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
Ethical Hacking - CVE-2024-4956: Path Traversal Vulnerability in Sonatype Nexus Repository 3
CVE-2024-4956 is a critical path traversal vulnerability identified in Sonatype Nexus Repository 3. This vulnerability allows an unauthenticated attacker to exploit the application and potentially gain access to sensitive system files.
7 months ago
Path Traversal in Sonatype Nexus Repository 3 (CVE-2024-4956) - vsociety
Summary: CVE-2024-4956 is a path traversal vulnerability in Sonatype Nexus Repository 3, an artifact repository manager. Exploitation allows...
7 months ago
References
EPSS Score
1% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 🔴 Public PoC available
- 🔥 Vulnerability reached the number 1 worldwide trending spot
- Vulnerability started trending
- 👾 Exploit known to exist
- First article discovered by CN-SEC
- Vulnerability published
- Vulnerability Reserved