Medium
CVE-2023-28864
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in…
Tag: Chef Infra Server
All CVEs associated with "Chef Infra Server". Page 1/1 • 1 CVEs.
About “Chef Infra Server”
A curated feed of “Chef Infra Server”-related CVEs appears below. We currently track 1 CVEs for this tag (all time). In the last 365 days, 0 were published. Average CVSS is 5.5 (all time), and 0% are rated High/Critical (all time). Top CWEs (all time): CWE-922 - Insecure Storage of Sensitive Information.
In our taxonomy this topic maps to a LOW impact class. Config management tools have broad privileges. Patch servers and agents, use least privilege, sign artifacts, and audit playbooks and modules. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
Support & lifecycle: chef-infra-server
This table shows recent release cycles and their projected end-of-life. Data source: endoflife.date.
| Cycle | Release | Latest | Premier Support | EOL | LTS |
|---|---|---|---|---|---|
| 15 | 15.10.91 | Unavailable | - | ||
| 14 | 14.16.19 | - | |||
| 13 | 13.2.0 | Expired | |||
| 12 | 12.19.31 | Expired | |||
| 11 | 11.1.7 | Expired |
Maintained Soon (≤ 180 days) Expired
Subscribe lifecycle: RSS (expired) · ICS
Subscribe CVEs: RSS for “Chef Infra Server”
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0