CVE-2021-27026 - Sensitive Information May be Logged

  • Posted November 9, 2021

  • Assessed Risk Level: Medium

  • CVSS 3.1 Base Score: 4.4

A flaw was discovered in Puppet Enterprise and other Puppet products where sensitive plan parameters may be logged

Status:

Affected software versions:

  • Puppet Enterprise prior to 2019.8.9
  • Puppet Enterprise prior to 2021.4.0
  • Puppet Connect prior to 0.4.0

Resolved in:

  • Puppet Enterprise 2019.8.9
  • Puppet Enterprise 2021.4.0
  • Puppet Connect 0.4.0