PuppetDB exposes passwords

asked 2018-11-10 00:35:09 -0600

chic_cat gravatar image

Hello, We found that puppetdb exposes all resources from any node on resource endpoint. It does contain any passwords and logins you pass to any module even if it was encrypted with hiera. Is there any documentation on this behavior? Thanks

edit retag flag offensive close merge delete