CVE-2019-7238
Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability
CVSS
—
No CVSS
EPSS
76.5%
p99
KEV
YES
Dec 10, 2021
Exploit Today
80
0-100
Published: — · Last modified: —
76.5%EPSS · 30 days76.5%
2026-06-302026-07-16
Product
Sonatype / Nexus Repository Manager
Vulnerability
Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability
Added to KEV
Dec 10, 2021
Remediate by
Jun 10, 2022
Known ransomware use
No
Summary description
Sonatype Nexus Repository Manager before 3.15.0 has an incorrect access control vulnerability. Exploitation allows for remote code execution.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-7238
No related CVEs by CWE or product.