Description

The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability.

Remediation

References

CVE-2019-5475

Related Vulnerabilities

WordPress Plugin Ultimeter Security Bypass (1.9.2)

WordPress Plugin Easy Affiliate Links Cross-Site Scripting (3.7.0)

WordPress Plugin Htaccess by BestWebSoft Cross-Site Scripting (1.4)

WordPress Plugin SEO Plugin LiveOptim Multiple Vulnerabilities (1.1.8-free)

WordPress Plugin Import any XML or CSV File to WordPress Multiple Vulnerabilities (3.2.4)

Severity

High

Classification

CVE-2019-5475 CWE-138 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities