Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:35 p.m.19 views

CVE-2020-27986

SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. NOTE: reportedly, the vendor's position for SMTP and SVN is "it is the administrator's responsibility to configure it...

7.5CVSS6.9AI score0.16183EPSS
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2023/11/13 12:0 a.m.4 views

VulnCheck KEV: CVE-2020-27986

SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. NOTE: reportedly, the vendor's position for SMTP and SVN is "it is the administrator's responsibility to configure it...

7.5CVSS7.2AI score0.16183EPSS
Exploits0References1
Circl
Circl
added 2020/10/29 1:33 a.m.163 views

CVE-2020-27986

creationtimestamp| type| source ---|---|--- 2020-10-29 01:33:09+00:00| seen| https://t.me/cibsecurity/15703 2021-05-10 02:45:38+00:00| seen| https://t.me/pwnwikizhchannel/394 2024-11-12 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-11-12 2024-11-17...

7.5CVSS7.1AI score0.16183EPSS
In wildExploits0References5
CVE
CVE
added 2020/10/28 10:57 p.m.108 views

CVE-2020-27986

The CVE-2020-27986 entry applies to SonarQube 8.4.2.36762, where remote attackers can discover cleartext credentials (SMTP, SVN, GitLab) via the api/settings/values URI. The connected nuclei template explicitly calls this an authentication-related exposure, and related sources reiterate plaintext...

7.5CVSS7.4AI score0.16183EPSS
In wildExploits0References1Affected Software1
Rows per page
Query Builder