CVE-2020-7945

Local registry credentials were included directly in the CD4PE deployment definition, which could expose these credentials to users who should not have access to them. This is resolved in Continuous Delivery for Puppet Enterprise 4.0.1.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:puppet:continuous_delivery:4.0.0:*:*:*:puppet_enterprise:*:*:*

History

21 Nov 2024, 05:38

Type Values Removed Values Added
References () https://puppet.com/security/cve/CVE-2020-7945 - Vendor Advisory () https://puppet.com/security/cve/CVE-2020-7945 - Vendor Advisory

Information

Published : 2020-09-18 18:15

Updated : 2024-11-21 05:38


NVD link : CVE-2020-7945

Mitre link : CVE-2020-7945

CVE.ORG link : CVE-2020-7945


JSON object : View

Products Affected

puppet

  • continuous_delivery
CWE
CWE-522

Insufficiently Protected Credentials