Security Advisory

CVE-2023-40050

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-10-31 14:07:59

Last updated 2024-09-06 15:41:14

Assigner ProgressSoftware

State PUBLISHED

Description

Upload profile either through API or user interface in Chef Automate prior to and including version 4.10.29 using InSpec check command with maliciously crafted profile allows remote code execution.

← Browse all CVEs View on cve.org ↗