CVE-2017-2294
CVE-2017-2294 affects Puppet Enterprise prior to 2016.4.5 or 2017.2.1, where MCollective server private keys were not marked as sensitive, allowing key values to be logged or stored in PuppetDB. The underlying issue is the absence of the sensitive data type for these keys, leading to potential in...