Description
An issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.17 and 3.x before 3.22.1. Admin users can retrieve the LDAP server system username/password (as configured in nxrm) in cleartext.
Remediation
References
Related Vulnerabilities
Python Incorrect Authorization Vulnerability (CVE-2020-15801)
CubeCart Improper Input Validation Vulnerability (CVE-2012-0865)
Apache HTTP Server DEPRECATED: Code Vulnerability (CVE-2015-3183)
Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-5545)
phpMyAdmin Improper Input Validation Vulnerability (CVE-2017-1000014)