A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters may be logged
References
Link | Resource |
---|---|
https://puppet.com/security/cve/cve-2021-27026 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
24 Jan 2022, 16:45
Type | Values Removed | Values Added |
---|---|---|
First Time |
Puppet puppet Enterprise
|
|
CPE | cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:* |
22 Nov 2021, 21:02
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:puppet:puppet_connect:*:*:*:*:*:*:*:* cpe:2.3:a:puppet:puppet:*:*:*:*:enterprise:*:*:* |
|
CWE | CWE-532 | |
References | (MISC) https://puppet.com/security/cve/cve-2021-27026 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 2.1
v3 : 4.4 |
18 Nov 2021, 15:24
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-11-18 15:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-27026
Mitre link : CVE-2021-27026
CVE.ORG link : CVE-2021-27026
JSON object : View
Products Affected
puppet
- puppet_connect
- puppet
- puppet_enterprise
CWE
CWE-532
Insertion of Sensitive Information into Log File