Vulnerabilities > Progress > Chef Infra Server > 14.9.25
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-17 | CVE-2023-28864 | Insecure Storage of Sensitive Information vulnerability in Progress Chef Infra Server Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. | 5.5 |