PT-2021-23805 · Sonatype · Sonatype Nexus Repository Manager

Published: 2021-11-04 · Updated: 2021-11-05 · CVE-2021-43293

CVSS v3.1: 4.3 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Sonatype Nexus Repository Manager versions prior to 3.36.0

Description

The issue allows a remote authenticated attacker to potentially perform network enumeration via Server Side Request Forgery (SSRF). This means an attacker could exploit the vulnerability to discover and map internal network services and systems.

Recommendations

For versions prior to 3.36.0, update to version 3.36.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the Nexus Repository Manager to minimize the risk of exploitation.

Fix

SSRF

Weakness Enumeration

Related Identifiers

CVE-2021-43293

Affected Products

Nexus Repository Manager
Sonatype Nexus Repository Manager