CVE-2015-8559

CVE-2015-8559

EPSS 1.9%

The knife bootstrap command in chef Infra client before version 15.4.45 leaks the validator.pem private RSA key to /var/log/messages.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://discourse.chef.io/t/chef-infra-client-15-4-45-released/16081 https://github.com/chef/chef/issues/3871 https://github.com/chef/chef/pull/8885 http://www.openwall.com/lists/oss-security/2015/12/14/14