Uploaded image for project: 'Sonatype Nexus Repository'
  1. Sonatype Nexus Repository
  2. NEXUS-25019

CVE-2020-24622: S3 secret key can be exposed by admin user

Details

    • Yes

    Description

      A nefarious admin user can retrieve the plain text of the S3 secret key

      Attachments

        Activity

          People

            Unassigned Unassigned
            ataylor Andrew Taylor [X] (Inactive)
            Joe Tom [X] Joe Tom [X] (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              tigCommentSecurity.panel-title