CVE-2023-26560 Information

Description

Northern.tech CFEngine Enterprise before 3.21.1 allows a subset of authenticated users to leverage the Scheduled Reports feature to read arbitrary files and potentially discover credentials.

Reference

https://northern.tech https://cfengine.com/blog/2023/cve-2023-26560/