Whitej6

**Name of the Vulnerable Software and Affected Versions** Nautobot Device Onboarding plugin versions 2.0.0 through 2.0.2 Nautobot Device Onboarding plugin versions 2.0.0 through 2.0.x **Description** The Nautobot Device Onboarding plugin uses the netmiko and NAPALM libraries to simplify the onboarding process of a new device into Nautobot. Credentials provided to onboarding tasks are visible via Job Results from an execution of an Onboarding Task. This issue is fixed in version 3.0.0. **Recommendations** For versions 2.0.0 through 2.0.2, delete all Job Results for any onboarding task to remove clear text credentials from database entries. For versions 2.0.0 through 2.0.x, upgrade to version 3.0.0. Rotate any exposed credentials.