CVE-2020-11415
EUVD-2020-376927.04.2020, 15:15
An issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.17 and 3.x before 3.22.1. Admin users can retrieve the LDAP server system username/password (as configured in nxrm) in cleartext.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| sonatype | nexus_repository_manager | 2.0 ≤ 𝑥 < 2.14.17 |
| sonatype | nexus_repository_manager | 3.0 ≤ 𝑥 < 3.22.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration