CVE-2019-10695

Published: Dec 11, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

When using the cd4pe::root_configuration task to configure a Continuous Delivery for PE installation, the root user’s username and password were exposed in the job’s Job Details pane in the PE console. These issues have been resolved in version 1.2.1 of the puppetlabs/cd4pe module.

Vendor	Product	Versions
n/a	Continuous Delivery for Puppet Enterprise (CD4PE)	affected `puppetlabs/cd4pe module prior to 1.2.1`

References

https://puppet.com/security/cve/CVE-2019-10695

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-10695

Description

Affected Products

References