CVE-2020-7945 - Insecure storage of local registry credentials in Continuous Delivery for Puppet Enterprise

  • Posted September 16, 2020

  • Assessed Risk Level: Medium

  • CVSS 3.1 Base Score: 5.3

Local registry credentials were included directly in the CD4PE deployment definition, which could expose these credentials to users who should not have access to them. This is resolved in Continuous Delivery for Puppet Enterprise 4.0.1.

Status:

Affected software versions:

  • Continuous Delivery for Puppet Enterprise 4.0.0

Resolved in:

  • Continuous Delivery for Puppet Enterprise 4.0.1
Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.