CVE-2020-7944 Information

Description

In Continuous Delivery for Puppet Enterprise (CD4PE) before 3.4.0 changes to resources or classes containing Sensitive parameters can result in the Sensitive parameters ending up in the impact analysis report.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Reference

https://puppet.com/security/cve/CVE-2020-7944

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

7.7