CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-10695

When using the cd4pe::root_configuration task to configure a Continuous Delivery for PE installation, the root user’s username and password were exposed in the job’s Job Details pane in the PE console. These issues have been resolved in version 1.2.1 of the puppetlabs/cd4pe module.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.1%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

Products affected by CVE-2019-10695

Puppet » Continuous Delivery » Version: N/A

cpe:2.3:a:puppet:continuous_delivery:-
Puppet » Continuous Delivery » Version: 1.0.0

cpe:2.3:a:puppet:continuous_delivery:1.0.0
Puppet » Continuous Delivery » Version: 1.0.1

cpe:2.3:a:puppet:continuous_delivery:1.0.1
Puppet » Continuous Delivery » Version: 1.0.2

cpe:2.3:a:puppet:continuous_delivery:1.0.2
Puppet » Continuous Delivery » Version: 1.1.0

cpe:2.3:a:puppet:continuous_delivery:1.1.0
Puppet » Continuous Delivery » Version: 1.2.0

cpe:2.3:a:puppet:continuous_delivery:1.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-10695

Products

Pricing

Contact Us