This vulnerability affects Sonatype Nexus Repository Manager versions 3.0.0 through 3.91.1. An authenticated administrator who configures or tests LDAP connectivity can trigger the server to make unintended connections to a malicious LDAP server due to unsafe deserialization of untrusted data (CWE-502). The CVSS 4.0 base score is 5.1 (medium severity) with network attack vector, low complexity, no user interaction, and requires high privileges. No patch or official remediation level has been published by Sonatype as of the current data.

An attacker with administrator access to the Nexus Repository Manager could exploit this vulnerability by setting up a malicious LDAP server. When the administrator tests or configures LDAP connectivity, the server may initiate unintended connections to the malicious server. This could lead to potential information disclosure or other server-side impacts related to the LDAP interaction. However, exploitation requires authenticated administrator privileges, limiting the attack surface. There are no known exploits in the wild at this time.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, administrators should exercise caution when configuring or testing LDAP connectivity, especially avoiding interaction with untrusted LDAP servers. Monitor vendor communications for updates on patches or mitigations.