Vulnerabilities > Sonatype > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-08 | CVE-2019-9629 | Improper Authentication vulnerability in Sonatype Nexus Repository Manager Sonatype Nexus Repository Manager before 3.17.0 establishes a default administrator user with weak defaults (fixed credentials). | 9.8 |
2019-03-21 | CVE-2019-7238 | Unspecified vulnerability in Sonatype Nexus Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control. | 9.8 |
2017-12-17 | CVE-2017-17717 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Sonatype Nexus Repository Manager Sonatype Nexus Repository Manager through 2.14.5 has weak password encryption with a hardcoded CMMDwoV value in the LDAP integration feature. | 9.8 |