CVE-2023-48700 Clear Text Credentials Exposed via Onboarding Task

The Nautobot Device Onboarding plugin uses the netmiko and NAPALM libraries to simplify the onboarding process of a new device into Nautobot down to, in many cases, an IP Address and a Location. Starting in version 2.0.0 and prior to version 3.0.0, credentials provided to onboarding task are...

Nautobot Security Vulnerability

Nautobot is a web automation platform for Nautobot individual developers. A security vulnerability exists in Nautobot Plugin Device Onboarding versions 2.0.0 through 3.0.0, which stems from the disclosure of plaintext credentials when an OnboardingTask is created...