CVSS 3 Base Score:

Posted On:

Assessed Risk Level:

A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes (inventory service nodes).


Affected software versions:

- Puppet Enterprise prior to 2019.8.8

Resolved in:

- Puppet Enterprise 2019.8.8 - Puppet Enterprise 2021.3.0