Description

Sonatype Nexus Repository Manager through 2.14.5 has weak password encryption with a hardcoded CMMDwoV value in the LDAP integration feature.

Remediation

References

CVE-2017-17717

Related Vulnerabilities

WebLogic CVE-2022-21560 Vulnerability (CVE-2022-21560)

Joomla! Core Security Bypass (1.6.0 - 3.6.5)

Microsoft SQL Server CVE-2023-38169 Vulnerability (CVE-2023-38169)

Joomla Numeric Errors Vulnerability (CVE-2008-4102)

WordPress Plugin Theme Blvd Widget Areas Multiple Security Bypass Vulnerabilities (1.2.2)

Severity

Critical

Classification

CVE-2017-17717 CWE-327 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities