Unrated severityNVD Advisory· Published Apr 1, 2014· Updated Jun 17, 2026
CVE-2014-2034
CVE-2014-2034
Description
Unspecified vulnerability in Sonatype Nexus OSS and Pro 2.4.0 through 2.7.1 allows attackers to create arbitrary user accounts via unknown vectors related to "an unauthenticated execution path."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
20cpe:2.3:a:sonatype:nexus:2.4.0:*:*:*:open_source:*:*:*+ 19 more
- cpe:2.3:a:sonatype:nexus:2.4.0:*:*:*:open_source:*:*:*
- cpe:2.3:a:sonatype:nexus:2.4.0:*:*:*:professional:*:*:*
- cpe:2.3:a:sonatype:nexus:2.5.0:*:*:*:open_source:*:*:*
- cpe:2.3:a:sonatype:nexus:2.5.0:*:*:*:professional:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.0:*:*:*:open_source:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.0:*:*:*:professional:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.1:*:*:*:open_source:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.1:*:*:*:professional:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.2:*:*:*:open_source:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.2:*:*:*:professional:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.3:*:*:*:open_source:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.3:*:*:*:professional:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.4:*:*:*:open_source:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.4:*:*:*:professional:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.5:*:*:*:professional:*:*:*
- cpe:2.3:a:sonatype:nexus:2.7.0:*:*:*:open_source:*:*:*
- cpe:2.3:a:sonatype:nexus:2.7.0:*:*:*:professional:*:*:*
- cpe:2.3:a:sonatype:nexus:2.7.1:*:*:*:open_source:*:*:*
- cpe:2.3:a:sonatype:nexus:2.7.1:*:*:*:professional:*:*:*
- (no CPE)range: 2.4.0 through 2.7.1
Patches
Vulnerability mechanics
References
5- secunia.com/advisories/57142nvdVendor Advisory
- www.sonatype.org/advisories/archive/2014-03-03-NexusnvdVendor Advisory
- support.sonatype.com/entries/42374566-CVE-2014-2034-Nexus-Security-Advisory-REST-APInvdVendor Advisory
- www.osvdb.org/104049nvd
- www.securityfocus.com/bid/65956nvd
News mentions
0No linked articles in our index yet.