CVE-2020-15871
Description
Sonatype Nexus Repository Manager OSS/Pro version before 3.25.1 allows Remote Code Execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Sonatype Nexus Repository Manager 3 (OSS and Pro) before 3.25.1 allows remote code execution; the fix is to upgrade to 3.25.1 or later.
Vulnerability
Sonatype Nexus Repository Manager OSS/Pro versions prior to 3.25.1 allow remote code execution. The public description identifies neither the vulnerable component nor the injection vector, so the vendor advisory [1] is the authoritative source for the root cause; the affected range listed on this page is every release below 3.25.1 [1].
Exploitation
An attacker needs network access to the Nexus Repository Manager web interface. The description does not state what level of access is required beyond that, so do not assume the flaw is exploitable without credentials: confirm the privilege requirement against the vendor advisory [1] and the CVSS vector published for this CVE before treating an Internet-exposed instance as an unauthenticated RCE.
Impact
A successful attacker executes code on the server with the privileges of the Nexus service account, giving full compromise of the confidentiality, integrity, and availability of the repository manager and potentially of the underlying host [1]. Because Nexus serves build artifacts and typically holds credentials for upstream repositories, code execution there also lets an attacker tamper with artifacts consumed by downstream builds; treat a compromised instance as a software-supply-chain incident, not only a host compromise.
Mitigation
Sonatype fixed the vulnerability in Nexus Repository Manager 3.25.1, released 2020-07-31 according to the vendor advisory [1]. Upgrade to 3.25.1 or later. The advisory offers no workaround for older versions [1]; until the upgrade is applied, restrict network exposure of the web interface to trusted networks and keep administrative accounts to a minimum, which reduces reachability but does not remove the flaw.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <3.25.1
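The affected range is a plain version cut-off, so the practical first step is to find which instances still fall below it. The script below is an added example, not code from this page or from Sonatype. It assumes (this is not stated on the page) that Nexus Repository Manager 3 identifies itself in the HTTP Server response header as "Nexus/<major>.<minor>.<patch>-<build> (OSS|PRO)"; the header values, host names, and the helper names parse_nexus_version, classify and triage are all constructed for the example. Versions outside the 3.x line are reported as "unknown" for manual review rather than matched against the range.

```python
import re
from typing import Dict, Optional, Tuple

# Fixed version per the affected range on this page: everything below 3.25.1 is affected.
FIXED_VERSION: Tuple[int, int, int] = (3, 25, 1)

# Assumption (not stated on this page): Nexus Repository Manager 3 reports itself
# in the HTTP "Server" header as "Nexus/<major>.<minor>.<patch>-<build> (OSS|PRO)".
# The build number after the dash is captured but ignored for the range check,
# because the affected range is expressed without it.
NEXUS_SERVER_RE = re.compile(r"\bNexus/(\d+)\.(\d+)\.(\d+)(?:-(\d+))?")


def parse_nexus_version(server_header: Optional[str]) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch) from a Nexus Server header, or None when the
    header is missing or does not look like a Nexus banner."""
    if not server_header:
        return None
    match = NEXUS_SERVER_RE.search(server_header)
    if match is None:
        return None
    major, minor, patch = (int(match.group(i)) for i in (1, 2, 3))
    return (major, minor, patch)


def classify(version: Optional[Tuple[int, int, int]]) -> str:
    """Map a parsed version onto the page's affected range.

    'affected' : 3.x release strictly below 3.25.1
    'fixed'    : 3.25.1 or later
    'unknown'  : no Nexus banner, or a major version other than 3 (assumption:
                 the range on this page is read as the Nexus 3 line only, so
                 anything else is left for manual review).
    """
    if version is None or version[0] != 3:
        return "unknown"
    # Tuple comparison is lexicographic, so (3, 25, 0) < (3, 25, 1) < (3, 30, 0).
    return "affected" if version < FIXED_VERSION else "fixed"


def triage(server_headers: Dict[str, str]) -> Dict[str, str]:
    """Classify every host from its Server header; hosts are never contacted here."""
    return {host: classify(parse_nexus_version(header))
            for host, header in server_headers.items()}


# Constructed sample headers for the example (not captured from real systems).
SAMPLE_HEADERS: Dict[str, str] = {
    "repo-old.example.internal": "Nexus/3.24.0-02 (OSS)",
    "repo-edge.example.internal": "Nexus/3.25.0-03 (OSS)",
    "repo-fixed.example.internal": "Nexus/3.25.1-04 (PRO)",
    "repo-new.example.internal": "Nexus/3.30.0-01 (OSS)",
    "repo-legacy.example.internal": "Nexus/2.14.20-02 (OSS)",
    "proxy.example.internal": "nginx/1.18.0",
    "repo-nohdr.example.internal": "",
}

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE_HEADERS).items():
        print(f"{host}: {verdict}")
```

In a real sweep the Server header would come from an HTTP HEAD against each inventory entry; the comparison deliberately treats 3.25.1 itself as fixed and 3.25.0 as affected, matching the "<3.25.1" range rather than a looser "3.25.x" reading. A missing banner is reported as unknown rather than fixed, since reverse proxies commonly strip or rewrite it.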
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- support.sonatype.com (MITRE x_refsource_MISC)
- support.sonatype.com/hc/en-us/articles/360052192693 (MITRE x_refsource_CONFIRM)
News mentions
No linked articles in our index yet.