Skip to main content

Sonatype Nexus Repository CVE-2026-3329

| EUVDEUVD-2026-36268 HIGH
Improper Restriction of Excessive Authentication Attempts (CWE-307)
2026-06-11 Sonatype GHSA-pfx2-jf85-mvf2
8.7
CVSS 4.0 · Vendor: Sonatype
Share

Severity by source

Vendor (Sonatype) PRIMARY
8.7 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.5 HIGH

Network-reachable login endpoint with no rate-limiting allows unauthenticated guessing (AV:N/AC:L/PR:N/UI:N); successful guess discloses account credentials giving high confidentiality, with no direct integrity or availability impact on the platform.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (Sonatype).

CVSS VectorVendor: Sonatype

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jun 11, 2026 - 18:15 vuln.today

DescriptionCVE.org

A remote unauthenticated attacker may be able to conduct credential-guessing attacks against user accounts in Sonatype Nexus Repository via authentication endpoints.

AnalysisAI

Credential-guessing attacks against Sonatype Nexus Repository Manager are enabled by missing rate-limiting on authentication endpoints, allowing remote unauthenticated attackers to brute-force or password-spray valid user accounts. The flaw stems from improper restriction of excessive authentication attempts (CWE-307) and carries a CVSS 4.0 base score of 8.7 reflecting high confidentiality impact; no public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Technical ContextAI

Sonatype Nexus Repository Manager is a widely deployed artifact repository used to host Maven, npm, Docker, PyPI, NuGet and other build artifacts in CI/CD pipelines. The affected component is the authentication subsystem (login endpoints), where CWE-307 (Improper Restriction of Excessive Authentication Attempts) indicates the absence or insufficiency of lockout, throttling, or rate-limiting controls. CPE coverage cpe:2.3:a:sonatype:nexus_repository_manager:*:*:*:*:*:*:*:* indicates all unpatched versions of Nexus Repository 3 are potentially in scope; fixed code appears in release 3.93.0 per the Sonatype release notes.

RemediationAI

Vendor-released patch: 3.93.0 - upgrade Nexus Repository Manager to 3.93.0 or later as documented in the Sonatype release notes (https://help.sonatype.com/en/sonatype-nexus-repository-3-93-0-release-notes.html) and the support advisory (https://support.sonatype.com/hc/en-us/articles/52482870409491). Where immediate patching is not possible, place the Nexus UI and REST authentication endpoints behind an authenticating reverse proxy or WAF that enforces per-source rate limiting and account lockout, restrict network exposure of /service/rest/v1/security and the login endpoints to trusted CIDR ranges or VPN, enable SSO/SAML so that lockout is enforced upstream by the IdP, and rotate any credentials that were valid prior to mitigation; note that aggressive WAF rate limits can break legitimate CI agents that authenticate frequently, so allowlist build runner egress IPs.

CVE-2019-7238 CRITICAL POC
9.8 Mar 21

Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control. Rated critical severity (CVSS 9.8), this v

CVE-2019-5475 HIGH POC
8.8 Sep 03

The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.ja

CVE-2018-16621 HIGH POC
7.2 Nov 15

Sonatype Nexus Repository Manager before 3.14 allows Java Expression Language Injection. Rated high severity (CVSS 7.2),

CVE-2018-5307 MEDIUM POC
6.1 Feb 09

Multiple cross-site scripting (XSS) vulnerabilities in Sonatype Nexus Repository Manager (aka NXRM) 2.x before 2.14.6 al

CVE-2018-5306 MEDIUM POC
6.1 Feb 09

Multiple cross-site scripting (XSS) vulnerabilities in Sonatype Nexus Repository Manager (aka NXRM) 3.x before 3.8 allow

CVE-2017-17717 CRITICAL
9.8 Dec 17

Sonatype Nexus Repository Manager through 2.14.5 has weak password encryption with a hardcoded CMMDwoV value in the LDAP

CVE-2019-9629 CRITICAL
9.8 Jul 08

Sonatype Nexus Repository Manager before 3.17.0 establishes a default administrator user with weak defaults (fixed crede

CVE-2026-11403 HIGH
8.7 Jul 14

Improper API key generation in Sonatype Nexus Repository Manager lets a remote attacker impersonate a targeted user and

CVE-2020-15012 HIGH
8.6 Oct 12

A Directory Traversal issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.19. Rated high severity

CVE-2020-15868 HIGH
7.5 Aug 12

Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect Access Control. Rated high severity (CVSS 7.5), th

CVE-2019-9630 HIGH
7.5 Jul 08

Sonatype Nexus Repository Manager before 3.17.0 has a weak default of giving any unauthenticated user read permissions o

CVE-2018-16620 HIGH
7.5 Nov 15

Sonatype Nexus Repository Manager before 3.14 has Incorrect Access Control. Rated high severity (CVSS 7.5), this vulnera

Share

CVE-2026-3329 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy