CVE-2018-11748 - Puppet Device Manager Module file permission issue
Posted October 2, 2018
Assessed Risk Level: Medium
CVSS 3 Base Score: 6.5
Previous releases of the Puppet device_manager module creates configuration files containing credentials that are world readable. This issue has been resolved as of device_manager 2.7.0.
Affected software versions:
- device_manager prior to 2.7.0
- device_manager 2.7.0