A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
07 Nov 2023, 03:31
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
24 Jan 2022, 16:46
Type | Values Removed | Values Added |
---|---|---|
First Time |
Puppet puppet Enterprise
|
|
CPE | cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:* |
29 Nov 2021, 17:11
Type | Values Removed | Values Added |
---|---|---|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/ - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* |
28 Nov 2021, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
22 Nov 2021, 22:01
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://puppet.com/security/cve/CVE-2021-27023 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 9.8 |
CPE | cpe:2.3:a:puppet:puppet_server:*:*:*:*:*:*:*:* cpe:2.3:a:puppet:puppet:*:*:*:*:enterprise:*:*:* cpe:2.3:a:puppet:puppet_agent:*:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-noinfo |
18 Nov 2021, 15:24
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-11-18 15:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-27023
Mitre link : CVE-2021-27023
CVE.ORG link : CVE-2021-27023
JSON object : View
Products Affected
fedoraproject
- fedora
puppet
- puppet_enterprise
- puppet_agent
- puppet_server
CWE