[NEXUS-22014] CVE-2019-5475: OS Command Injection vulnerability - Sonatype JIRA

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.14.15
Fix Version/s: 2.14.16
Component/s: Security
Labels:

Description

A vulnerability was discovered that allows user's with admin privileges to run processes on the server that the NXRM OS server process is running on.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Joshua Hill

Last Updated By:: Michael Prescott

Team:: NXRM - Groot

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 12/02/19 04:19 PM

Updated:: 04/23/21 06:13 PM

Resolved:: 01/17/20 03:57 PM

Date of First Response:: 17/Jan/20 3:10 PM

tigCommentSecurity.panel-title