Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-23556

CVE-2020-11415: LDAP system credentials can be exposed by admin user

    XMLWordPrintable

    Details

    • Release Note:
      Yes

      Description

      A nefarious admin user can retrieve the plain text of the LDAP system username and password

        Attachments

          Issue Links

          causes

          Bug - A problem which impairs or prevents the functions of the product. NEXUS-23887 LDAP connection UI looks broken, constantly prompts for password

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. NEXUS-23895 Save of LDAP user and group settings fails with error.

          • Major - Major loss of function.
          • Closed

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              dbradicich Damian Bradicich
              Last Updated By:
              Michael Prescott Michael Prescott
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Date of First Response:

                  tigCommentSecurity.panel-title