CVE-2014-2034

Published Apr 1, 2014

Last updated 11 years ago

Overview

Description: Unspecified vulnerability in Sonatype Nexus OSS and Pro 2.4.0 through 2.7.1 allows attackers to create arbitrary user accounts via unknown vectors related to "an unauthenticated execution path."
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.4.0:*:*:*:open_source:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43AB890E-0BFD-4446-99BF-2BD9CC55C173"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.4.0:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD3FD4FC-12AD-4286-843D-D2F3BCC9A441"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.5.0:*:*:*:open_source:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E084D92-BB5B-4872-AF70-7F8681C93B6E"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.5.0:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF20924E-743B-4376-A35A-9ACB6E8B4080"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.6.0:*:*:*:open_source:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBD83307-04AE-47E3-949B-E951ECAB9EA3"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.6.0:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC3862B9-18B3-4C94-B34A-40F08E151334"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.6.1:*:*:*:open_source:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF46E050-3F9D-4F9F-AF74-6C924DB6804E"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.6.1:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "949F08F2-66EE-4DDC-9483-2EE7DB2952D6"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.6.2:*:*:*:open_source:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A47D7B7F-A919-4BC2-ACD3-CF2D035CC36E"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.6.2:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D0C69E3-EBB3-4214-A901-1E29771B373C"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.6.3:*:*:*:open_source:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53753B80-50F0-45A9-ACA9-3F5D86C93DEE"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.6.3:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A232DDC9-14A3-4A88-BFCA-4053AB7A3B98"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.6.4:*:*:*:open_source:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5ADB7A5C-F8AC-429A-8186-534D93D6424D"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.6.4:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F5E0C4C-D34C-42EF-9EB4-2826E8BCC248"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.6.5:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D94878B-E92C-4DD1-8C57-40472C0BD62A"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.7.0:*:*:*:open_source:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2008F19D-A078-4339-BAF4-B131415A41AC"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.7.0:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB3A0F5B-A158-42C9-B14B-84EB92535F78"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.7.1:*:*:*:open_source:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "393A5265-673A-4000-846F-F02AE11A65AC"
          },
          {
            "criteria": "cpe:2.3:a:sonatype:nexus:2.7.1:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C231775B-12AE-40C6-A8DB-E3118DF37117"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References