Description

Sonatype Nexus Repository Manager 3.x before 3.30.1 allows a remote attacker to get a list of files and directories that exist in a UI-related folder via directory traversal (no customer-specific data is exposed).

Remediation

References

CVE-2021-30635

Related Vulnerabilities

OpenSSL Resource Management Errors Vulnerability (CVE-2011-3210)

WordPress Plugin wp-buddha-free-adwords Security Bypass (1.0.0)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5317)

Undertow Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-10212)

Apache HTTP Server Incorrect Calculation of Buffer Size Vulnerability (CVE-2004-0940)

Severity

Medium

Classification

CVE-2021-30635 CWE-22

Tags

Missing Update Known Vulnerabilities