CVE-2019-10695

Affected product: puppetlabs/cd4pe module (CD4PE) in Puppet Enterprise. Vulnerable component: cd4pe::root_configuration task exposes the root user’s username and password in the PE console’s Job Details pane. Root cause / impact: data exposure; no additional exploit details are provided. Remediat...