Description

The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability.

Remediation

References

CVE-2019-5475

Related Vulnerabilities

Moodle Other Vulnerability (CVE-2006-5219)

XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31126)

ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3837)

Microsoft SQL Server CVE-2023-38169 Vulnerability (CVE-2023-38169)

Squid Improper Privilege Management Vulnerability (CVE-2019-12522)

Severity

High

Classification

CVE-2019-5475 CWE-138 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities