puppetlabs-rabbitmq 3.0 through 4.1 stores the RabbitMQ Erlang cookie value in the facts of a node, which allows local users to obtain sensitive information as demonstrated by using Facter.Referenceshttp://puppetlabs.com/security/cve/cve-2014-9568
