{"provider_url":"https://hatena.blog","published":"2023-02-26 15:08:13","blog_title":"Shikata Ga Nai","version":"1.0","height":"190","provider_name":"Hatena Blog","author_name":"ThisIsOne","type":"rich","blog_url":"https://cysec148.hatenablog.com/","image_url":"https://cdn-ak.f.st-hatena.com/images/fotolife/T/ThisIsOne/20230226/20230226150424.png","categories":["Bug Bounty"],"description":"Hello there, ('\u03c9')\u30ce Nexus \u30de\u30cd\u30fc\u30b8\u30e3\u3067\u306e\u8a8d\u8a3c\u30d0\u30a4\u30d1\u30b9 (\u30d0\u30fc\u30b8\u30e7\u30f3 3.37.3\u201302)\u3092\u3002 \u8106\u5f31\u6027\uff1a \u65e2\u77e5\u306e\u8106\u5f31\u6027\u3092\u6301\u3064\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8 \u8a8d\u8a3c\u30d0\u30a4\u30d1\u30b9 HTTP \u5fdc\u7b54\u64cd\u4f5c \u8a18\u4e8b\uff1a https://sharanthehunter.medium.com/authentication-bypass-in-nexus-manager-version-3-37-3-02-712f0bdb2fb4 Sonatype nexus manager \u3067\u4e0d\u9069\u5207\u306a\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u3092\u898b\u3064\u3051\u305f\u65b9\u6cd5\u3092\u3002 \u4eca\u56de\u306f\u3001\u306f\u975e\u5e38\u306b\u8208\u5473\u6df1\u304f\u3001\u975e\u5e38\u306b\u5358\u7d14\u3060\u3068\u601d\u3044\u3002 \u30bf\u30fc\u30b2\u30c3\u30c8\u304credacted.com\u3067\u3042\u308b\u3068\u4eee\u5b9a\u2026","author_url":"https://blog.hatena.ne.jp/ThisIsOne/","url":"https://cysec148.hatenablog.com/entry/2023/02/26/150813","title":"Authentication Bypass in Nexus manager (version 3.37.3\u201302)\u3092\u8a33\u3057\u3066\u307f\u305f","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fcysec148.hatenablog.com%2Fentry%2F2023%2F02%2F26%2F150813\" title=\"Authentication Bypass in Nexus manager (version 3.37.3\u201302)\u3092\u8a33\u3057\u3066\u307f\u305f - Shikata Ga Nai\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","width":"100%"}