CVE-2021-27024
N/A
N/A
Summary
A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user with lower privileges being able to access a Puppet Enterprise API token. This issue is resolved in CD4PE 4.10.0
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Puppet Continuous Delivery for Puppet Enterprise (CD4PE) | CD4PE prior to 4.10.0 | affected |
Weaknesses
- Invalid Permissions Check
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.