CVSS 3 Base Score:
8.7

Posted On:

Assessed Risk Level:
High

A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user with lower privileges being able to access a Puppet Enterprise API token. This issue is resolved in CD4PE 4.10.0

Status:

Affected software versions:

CD4PE prior to 4.10.0

Resolved in:

CD4PE 4.10.0