Privilege Escalation Vulnerability in Continuous Delivery for Puppet Enterprise (CD4PE)
CVE-2021-27024 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user with lower privileges being able to access a Puppet Enterprise API token. This issue is resolved in CD4PE 4.10.0
Learn more about our Api Penetration Testing.