CVE-2024-3452906.05.2024, 00:15Nebari through 2024.4.1 prints the temporary Keycloak root password.EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST4.8 MEDIUMNETWORKHIGHNONECVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:NmitreCNA------CISA-ADPADP4.8 MEDIUMNETWORKHIGHNONECVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:NCVEADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 27%Common Weakness EnumerationCWE-200 - Exposure of Sensitive Information to an Unauthorized ActorThe product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Referenceshttps://github.com/nebari-dev/nebari/blob/5463e8df9e8d53a266a7b9d3d4e27353ec43c40b/src/_nebari/deploy.py#L71https://github.com/nebari-dev/nebari/issues/2282https://github.com/nebari-dev/nebari/blob/5463e8df9e8d53a266a7b9d3d4e27353ec43c40b/src/_nebari/deploy.py#L71https://github.com/nebari-dev/nebari/issues/2282