SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. NOTE: reportedly, the vendor's position for SMTP and SVN is "it is the administrator's responsibility to configure it.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-10-28T22:57:20

Updated: 2024-08-04T16:25:43.905Z

Reserved: 2020-10-28T00:00:00

Link: CVE-2020-27986

cve-icon Vulnrichment

Updated: 2024-08-04T16:25:43.905Z

cve-icon NVD

Status : Modified

Published: 2020-10-28T23:15:12.410

Modified: 2024-08-04T17:15:32.413

Link: CVE-2020-27986

cve-icon Redhat

No data.