Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-6617

Support Bundle can include unprotected HTTP proxy server password

    Details

    • Story Points:
      0.5
    • Sprint:
      Sprint 19

      Description

      When Nexus is configured with an HTTP proxy server that has username and password, then the system properties `http.proxyPassword` and `https.proxyPassword` get set to the plain text proxy server password.

      The sysinfo report included in the support bundle can include these plain text system property values. Suggest these values be replaced with some known text instead to protect the password from being transmitted in the support bundle.

        Attachments

          Activity

            People

            Assignee:
            jdillon Jason Dillon
            Reporter:
            plynch Peter Lynch
            Last Updated By:
            Peter Lynch Peter Lynch
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Date of First Response:

                Time Tracking

                Estimated:
                Original Estimate - 1h
                1h
                Remaining:
                Remaining Estimate - 1h
                1h
                Logged:
                Time Spent - Not Specified
                Not Specified

                  tigCommentSecurity.panel-title