Vulnerabilities > Sonatype > Nexus > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-08-25 CVE-2020-24622 Insufficiently Protected Credentials vulnerability in Sonatype Nexus
In Sonatype Nexus Repository 3.26.1, an S3 secret key can be exposed by an admin user.
network
low complexity
sonatype CWE-522
4.0
4.0
2020-04-02 CVE-2020-11444 Incorrect Default Permissions vulnerability in Sonatype Nexus
Sonatype Nexus Repository Manager 3.x up to and including 3.21.2 has Incorrect Access Control.
network
low complexity
sonatype CWE-276
6.5
6.5