Rapid7 · Rapid7 Komand · CVE-2018-5559
**Name of the Vulnerable Software and Affected Versions**
Rapid7 Komand versions prior to 0.42.0
**Description**
The issue concerns certain endpoints that can list always encrypted-at-rest connection data, potentially returning configurations without obscuring sensitive data in the API response.
**Recommendations**
For versions prior to 0.42.0, update to version 0.42.0 or later to resolve the issue.