A flaw was found in foreman-installer when puppet-candlepin is invoked cpdb with the --password parameter. This issue leaks the password in the process list and allows an attacker to take advantage and obtain the password.
CVE ID: CVE-2024-3716
EPSS Score: 0.05% (probability of being exploited)
EPSS Percentile: 23.43% (scored less or equal to compared to others)
EPSS Date: 2025-02-12 (when was this score calculated)