9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
50.8%
Upload profile either through API or user interface in Chef Automate prior to and including version 4.10.29 using InSpec check command with maliciously crafted profile allows remote code execution.
community.progress.com/s/article/Product-Alert-Bulletin-October-2023-CHEF-Automate-CVE-2023-40050
docs.chef.io/automate/profiles/
docs.chef.io/release_notes_automate/