Nexus Repository Manager Cleartext Storage of Sensitive Information Vulnerability - CVE-2020-11415 - Vulnerability Database

Nexus Repository Manager Cleartext Storage of Sensitive Information Vulnerability - CVE-2020-11415

Medium

Reference: CVE-2020-11415

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-11415

Title: Nexus Repository Manager Cleartext Storage of Sensitive Information Vulnerability

Overview:

An issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.17 and 3.x before 3.22.1. Admin users can retrieve the LDAP server system username/password (as configured in nxrm) in cleartext.