Description
Sonatype Nexus Repository Manager before 3.17.0 has a weak default of giving any unauthenticated user read permissions on the repository files and images.
Remediation
References
Related Vulnerabilities
axios Improper Authentication Vulnerability (CVE-2026-42041)
MySQL CVE-2021-2174 Vulnerability (CVE-2021-2174)
WordPress Plugin Request For Quote Cross-Site Request Forgery (1.2)
IBM WebSEAL Other Vulnerability (CVE-2023-30998)
Craft CMS Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2019-15929)