CVE-2023-28864
Progress Chef Infra Server before 15.7 is affected by CVE-2023-28864. A local attacker can exploit a world-readable /var/opt/opscode/local-mode-cache/backup temporary backup path to access sensitive information, leading to disclosure of all indexed node data because OpenSearch credentials are exp...