CVE-2019-10695

When using the cd4pe::rootconfiguration task to configure a Continuous Delivery for PE installation, the root user’s username and password were exposed in the job’s Job Details pane in the PE console. These issues have been resolved in version 1.2.1 of the puppetlabs/cd4pe module...

CVE-2019-10695

When using the cd4pe::rootconfiguration task to configure a Continuous Delivery for PE installation, the root user’s username and password were exposed in the job’s Job Details pane in the PE console. These issues have been resolved in version 1.2.1 of the puppetlabs/cd4pe module...

CVE-2019-10695

When using the cd4pe::rootconfiguration task to configure a Continuous Delivery for PE installation, the root user’s username and password were exposed in the job’s Job Details pane in the PE console. These issues have been resolved in version 1.2.1 of the puppetlabs/cd4pe module...

CVE-2019-10695

Affected product: puppetlabs/cd4pe module (CD4PE) in Puppet Enterprise. Vulnerable component: cd4pe::root_configuration task exposes the root user’s username and password in the PE console’s Job Details pane. Root cause / impact: data exposure; no additional exploit details are provided. Remediat...

PT-2019-11998 · Puppet · Cd4Pe

Name of the Vulnerable Software and Affected Versions: puppetlabs/cd4pe module versions prior to 1.2.1 Description: The root user’s username and password were exposed in the job’s Job Details pane in the PE console when using the cd4pe::root configuration task to configure a Continuous Delivery f...

Unspecified Vulnerability in Puppet

Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs, which can be used to manage configuration files, users, cron tasks, packages, system services, etc. Puppet Enterprise is the enterprise version of Puppet. A security vulnerability exists in...