Sonatype Nexus Repository Manager Java Object Deserialization RCE

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The Nexus Repository Manager server running on the remote host is
affected by a remote code execution vulnerability.

Description :

The Sonatype Nexus Repository Manager server application running on
the remote host is affected by a remote code execution vulnerability
because it deserializes Java objects received from unauthenticated
clients without validating them, while the Apache Commons Collections
(ACC) library on its classpath supplies gadget classes that execute
code during deserialization. An unauthenticated, remote attacker can
exploit this, by sending a specially crafted serialized Java object to
the HTTP interface, to execute arbitrary code on the target host.
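Two checks a practitioner would want alongside this advisory, written here as an added example (it is not Tenable's plugin code and not Sonatype's): a version comparison against the fixed release named in the Solution section, which compares the dotted components and the "-NN" build suffix numerically rather than lexically, and a classifier for inbound HTTP request bodies that flags the Java serialization stream header and the well-known ACC gadget class names. The sample bodies are constructed for the demonstration; the "gadget" body only carries the header, a class descriptor length and the class name, not a working chain. The classifier assumes the body is sent raw; base64-, gzip- or otherwise-encoded transports must be decoded before it is applied.

```python
import re
from typing import Dict, List, Tuple

# Fixed release taken from the Solution section of this advisory.
FIXED_VERSION = "2.11.2-01"

# Java serialization stream header: STREAM_MAGIC (0xACED) + STREAM_VERSION (0x0005).
JAVA_SERIAL_MAGIC = b"\xac\xed\x00\x05"

# Apache Commons Collections classes used by the public gadget chains
# (commons-collections 3.x and commons-collections4 package names).
ACC_GADGET_CLASSES = (
    b"org.apache.commons.collections.functors.InvokerTransformer",
    b"org.apache.commons.collections.functors.ChainedTransformer",
    b"org.apache.commons.collections.functors.ConstantTransformer",
    b"org.apache.commons.collections.map.LazyMap",
    b"org.apache.commons.collections4.functors.InvokerTransformer",
    b"org.apache.commons.collections4.functors.ChainedTransformer",
)

# Nexus 2.x version strings look like "2.11.1-01"; the build suffix is optional.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-(\d+))?$")


def parse_nexus_version(version: str) -> Tuple[int, int, int, int]:
    """Split a Nexus version string into numeric (major, minor, patch, build)."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Nexus version string: {version!r}")
    major, minor, patch, build = m.groups()
    # A missing build suffix sorts below "-01" (assumption made for this check).
    return (int(major), int(minor), int(patch), int(build or 0))


def is_vulnerable_version(version: str) -> bool:
    """True when the reported version is older than the fixed release."""
    return parse_nexus_version(version) < parse_nexus_version(FIXED_VERSION)


def classify_request_body(body: bytes) -> Dict[str, object]:
    """Label a raw HTTP request body.

    verdict is one of:
      "benign"          - no Java serialization header
      "java-serialized" - serialization header, no known ACC gadget class
      "acc-gadget"      - serialization header and at least one ACC gadget class
    """
    serialized = body.startswith(JAVA_SERIAL_MAGIC)
    # Class names appear as modified-UTF-8 strings inside TC_CLASSDESC records,
    # so a substring search over the raw stream is enough to spot them.
    gadgets: List[str] = [c.decode() for c in ACC_GADGET_CLASSES if c in body]
    if not serialized:
        verdict = "benign"
    elif gadgets:
        verdict = "acc-gadget"
    else:
        verdict = "java-serialized"
    return {"java_serialized": serialized, "acc_gadget_classes": gadgets, "verdict": verdict}


# Constructed sample bodies (not captured traffic).
SAMPLE_JSON_BODY = b'{"status": "ok"}'
# Header, TC_OBJECT (0x73), TC_CLASSDESC (0x72), then a benign class name.
SAMPLE_SERIALIZED_BODY = JAVA_SERIAL_MAGIC + b"\x73\x72\x00\x11java.util.HashMap"
# Same framing, but naming an ACC gadget class (0x3a = 58-byte class name);
# the rest of a real chain is deliberately omitted.
SAMPLE_GADGET_BODY = (
    JAVA_SERIAL_MAGIC
    + b"\x73\x72\x00\x3a"
    + b"org.apache.commons.collections.functors.InvokerTransformer"
)


if __name__ == "__main__":
    for v in ("2.11.1-01", "2.11.2-01", "2.11.10-01"):
        print(v, "vulnerable" if is_vulnerable_version(v) else "fixed")
    for b in (SAMPLE_JSON_BODY, SAMPLE_SERIALIZED_BODY, SAMPLE_GADGET_BODY):
        print(classify_request_body(b)["verdict"])
```

Treat any "java-serialized" body arriving at an endpoint that has no business accepting serialized objects as worth an alert on its own; the "acc-gadget" verdict is the high-confidence case. The version check is a triage aid, not a substitute for the remote check the plugin performs, since a patched build can still be reachable through an older instance behind the same hostname.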

See also :

http://www.nessus.org/u?e0204f30
http://www.sonatype.org/advisories/archive/2016-06-20-Nexus/

Solution :

Upgrade to Sonatype Nexus Repository Manager version 2.11.2-01 or
later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 92467

Bugtraq ID:

CVE ID:
