Plaguedoktor

**Name of the Vulnerable Software and Affected Versions** Portainer versions prior to 1.20.0 **Description** A vulnerability was found in Portainer where it stores LDAP credentials in cleartext, corresponding to a master password. These credentials can be retrieved via API calls. **Recommendations** For versions prior to 1.20.0, update to version 1.20.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the API endpoints that allow the retrieval of LDAP credentials to minimize the risk of exploitation.