Vulnerability Details CVE-2018-11748
Previous releases of the Puppet device_manager module creates configuration files containing credentials that are world readable. This issue has been resolved as of device_manager 2.7.0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.6%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 2.1
References
Products affected by CVE-2018-11748
-
cpe:2.3:a:puppet:device_manager:*