GHSA-2q9w-rh4f-g84jLow

A static credential embedded in Chef 360 prior to v1.7.0 permitted unauthenticated access to...

Published
June 19, 2026
Last Modified
June 19, 2026

🔗 CVE IDs covered (1)

📋 Description

A static credential embedded in Chef 360 prior to v1.7.0 permitted unauthenticated access to internal message queues.  Queue messages contained tenant-specific identifiers.  The credential has been rotated and replaced with per-tenant access in subsequent versions, eliminating this access method entirely.

🔗 References (3)