Sonatype Nexus Repository Manager Java Object Deserialization RCE

Critical Nessus Plugin ID 92467


The Nexus Repository Manager server running on the remote host is affected by a remote code execution vulnerability.


The Sonatype Nexus Repository Manager server application running on the remote host is affected by a remote code execution vulnerability because it deserializes untrusted Java objects, and the resulting object graph can reach gadget classes in the Apache Commons Collections (ACC) library. An unauthenticated, remote attacker can exploit this by sending specially crafted serialized Java objects to the HTTP interface, allowing the attacker to execute arbitrary code on the target host with the privileges of the Nexus service.


Upgrade to Sonatype Nexus Repository Manager version 2.11.2-01 or later.
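As an added example (not code from Tenable's plugin or from Sonatype), the following Python script shows the two checks a practitioner would want around this finding: a version comparison against the fix version quoted above, parsed numerically so that a release such as 2.11.10-01 is not mistaken for an older build than 2.11.2-01, and a request-body detector for the exploit traffic the description refers to, a Java serialized stream (header bytes AC ED 00 05) naming Apache Commons Collections gadget classes. The hostname, request paths and sample request bytes are constructed for illustration and are not a real capture or a real Nexus endpoint.

```python
import re

# Fix version quoted in the advisory text above.
FIXED_VERSION = "2.11.2-01"

# Java serialization stream header: STREAM_MAGIC (0xACED) + STREAM_VERSION (5).
JAVA_STREAM_MAGIC = b"\xac\xed\x00\x05"

# Class names used by the public Apache Commons Collections gadget chains.
# Class descriptors carry the name as a plain modified-UTF-8 string, so a
# substring search on the raw body finds them without a full stream parser.
ACC_GADGET_MARKERS = (
    b"org.apache.commons.collections.functors.InvokerTransformer",
    b"org.apache.commons.collections.functors.ChainedTransformer",
    b"org.apache.commons.collections.functors.ConstantTransformer",
    b"org.apache.commons.collections.map.LazyMap",
    b"org.apache.commons.collections4.functors.InvokerTransformer",
)

# Nexus 2.x versions look like "2.11.1-01": major.minor.patch-build.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-(\d+))?$")


def parse_version(version):
    """Turn '2.11.10-01' into (2, 11, 10, 1) so comparisons are numeric."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Nexus version string: {version!r}")
    major, minor, patch, build = m.groups()
    return (int(major), int(minor), int(patch), int(build or 0))


def is_vulnerable_version(installed):
    """True when the installed version is below the fix version."""
    return parse_version(installed) < parse_version(FIXED_VERSION)


def find_serialized_payload(raw_request):
    """Locate a Java serialized stream in an HTTP request body.

    Returns None when no stream header is present, otherwise the header
    offset within the body and the list of ACC gadget markers found after it.
    """
    body = raw_request.split(b"\r\n\r\n", 1)[-1]
    offset = body.find(JAVA_STREAM_MAGIC)
    if offset < 0:
        return None
    stream = body[offset:]
    markers = [m.decode() for m in ACC_GADGET_MARKERS if m in stream]
    return offset, markers


def classify_request(raw_request):
    """'clean', 'java-serialized' (stream, no known gadget) or 'acc-gadget'."""
    hit = find_serialized_payload(raw_request)
    if hit is None:
        return "clean"
    return "acc-gadget" if hit[1] else "java-serialized"


# Constructed sample request (not a real capture). Host and path are
# placeholders; the body is a truncated stream made of the header, TC_OBJECT
# (0x73), TC_CLASSDESC (0x72), a 2-byte length and the 58-byte class name.
CLASS_NAME = b"org.apache.commons.collections.functors.InvokerTransformer"
SAMPLE_EXPLOIT_REQUEST = (
    b"POST /nexus/ HTTP/1.1\r\n"
    b"Host: nexus.example.internal\r\n"
    b"Content-Type: application/x-java-serialized-object\r\n"
    b"\r\n"
    + JAVA_STREAM_MAGIC
    + b"\x73\x72" + len(CLASS_NAME).to_bytes(2, "big") + CLASS_NAME
)

SAMPLE_CLEAN_REQUEST = (
    b"GET /nexus/content/repositories/releases/ HTTP/1.1\r\n"
    b"Host: nexus.example.internal\r\n\r\n"
)

if __name__ == "__main__":
    for v in ("2.11.1-01", "2.11.10-01", "2.11.2-01"):
        print(v, "vulnerable" if is_vulnerable_version(v) else "fixed")
    print(classify_request(SAMPLE_EXPLOIT_REQUEST))
    print(classify_request(SAMPLE_CLEAN_REQUEST))
```

The marker search only sees bodies that carry the serialized stream in the clear; a payload wrapped in Base64, gzip or a multipart part must be decoded before it is scanned, and a gadget chain built from classes outside this list will show up only as "java-serialized". Treat any Java stream header arriving unauthenticated at the HTTP interface as suspicious regardless of the classification, and rely on the upgrade, not the detector, as the fix.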

Plugin Details

Severity: Critical

ID: 92467

File Name: sonatype_nexus_deserialization.nasl

Version: $Revision: 1.2 $

Type: remote

Family: Misc.

Published: 2016/07/20

Modified: 2016/07/21

Dependencies: 92468

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

CPE: cpe:/a:sonatype:nexus

Required KB Items: installed_sw/Sonatype Nexus

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/06/20

Vulnerability Publication Date: 2015/01/28

Reference Information

OSVDB: 129952, 130424, 140288

CERT: 576313