Description
An issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.17 and 3.x before 3.22.1. Admin users can retrieve the LDAP server system username/password (as configured in nxrm) in cleartext.
Remediation
References
Related Vulnerabilities
WordPress Plugin Autocomplete Wizard Unspecified Vulnerability (2.0)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-17671)
Jenkins Uncontrolled Resource Consumption Vulnerability (CVE-2012-0785)
Python Off-by-one Error Vulnerability (CVE-2007-2052)
WordPress Plugin Premmerce Permalink Manager for WooCommerce Local File Inclusion (2.3.10)