Total
88 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-7330 | 1 Puppet | 1 Puppet Enterprise | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
Puppet Enterprise 2015.3 before 2015.3.1 allows remote attackers to bypass a host whitelist protection mechanism by leveraging the Puppet communications protocol. | |||||
CVE-2016-2786 | 1 Puppet | 2 Puppet Agent, Puppet Enterprise | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before 1.3.6 does not properly validate server certificates, which might allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate. | |||||
CVE-2014-3248 | 2 Puppet, Puppetlabs | 6 Facter, Hiera, Marionette Collective and 3 more | 2023-12-10 | 6.2 MEDIUM | N/A |
Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, or (6) safe_yaml/deep.so; or (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, or (10) osfamily.so in puppet/confine. | |||||
CVE-2015-1029 | 1 Puppet | 2 Puppet Enterprise, Stdlib | 2023-12-10 | 6.5 MEDIUM | N/A |
The puppetlabs-stdlib module 2.1 through 3.0 and 4.1.0 through 4.5.x before 4.5.1 for Puppet 2.8.8 and earlier allows remote authenticated users to gain privileges or obtain sensitive information by prepopulating the fact cache. | |||||
CVE-2014-3251 | 2 Puppet, Puppetlabs | 2 Puppet Enterprise, Mcollective | 2023-12-10 | 4.4 MEDIUM | N/A |
The MCollective aes_security plugin, as used in Puppet Enterprise before 3.3.0 and Mcollective before 2.5.3, does not properly validate new server certificates based on the CA certificate, which allows local users to establish unauthorized Mcollective connections via unspecified vectors related to a race condition. | |||||
CVE-2013-4971 | 1 Puppet | 1 Puppet Enterprise | 2023-12-10 | 5.0 MEDIUM | N/A |
Puppet Enterprise before 3.2.0 does not properly restrict access to node endpoints in the console, which allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
CVE-2013-4966 | 1 Puppet | 1 Puppet Enterprise | 2023-12-10 | 6.4 MEDIUM | N/A |
The master external node classification script in Puppet Enterprise before 3.2.0 does not verify the identity of consoles, which allows remote attackers to create arbitrary classifications on the master by spoofing a console. | |||||
CVE-2013-1399 | 2 Puppet, Puppetlabs | 2 Puppet Enterprise, Puppet | 2023-12-10 | 6.8 MEDIUM | N/A |
Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) node request management, (2) live management, and (3) user administration components in the console in Puppet Enterprise (PE) before 2.7.1 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
CVE-2014-9355 | 1 Puppet | 1 Puppet Enterprise | 2023-12-10 | 4.0 MEDIUM | N/A |
Puppet Enterprise before 3.7.1 allows remote authenticated users to obtain licensing and certificate signing request information by leveraging access to an unspecified API endpoint. | |||||
CVE-2013-1398 | 2 Puppet, Puppetlabs | 2 Puppet Enterprise, Puppet | 2023-12-10 | 8.5 HIGH | N/A |
The pe_mcollective module in Puppet Enterprise (PE) before 2.7.1 does not properly restrict access to a catalog of private SSL keys, which allows remote authenticated users to obtain sensitive information and gain privileges by leveraging root access to a node, related to the master role. | |||||
CVE-2014-3249 | 1 Puppet | 1 Puppet Enterprise | 2023-12-10 | 5.0 MEDIUM | N/A |
Puppet Enterprise 2.8.x before 2.8.7 allows remote attackers to obtain sensitive information via vectors involving hiding and unhiding nodes. | |||||
CVE-2012-5158 | 2 Puppet, Puppetlabs | 2 Puppet Enterprise, Puppet | 2023-12-10 | 4.0 MEDIUM | N/A |
Puppet Enterprise (PE) before 2.6.1 does not properly invalidate sessions when the session secret has changed, which allows remote authenticated users to retain access via unspecified vectors. | |||||
CVE-2013-4963 | 1 Puppet | 1 Puppet Enterprise | 2023-12-10 | 6.8 MEDIUM | N/A |
Multiple cross-site request forgery (CSRF) vulnerabilities in Puppet Enterprise (PE) before 3.0.1 allow remote attackers to hijack the authentication of users for requests that deleting a (1) report, (2) group, or (3) class or possibly have other unspecified impact. | |||||
CVE-2012-0891 | 1 Puppet | 2 Puppet Dashboard, Puppet Enterprise | 2023-12-10 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Puppet Dashboard 1.0 before 1.2.5 and Enterprise 1.0 before 1.2.5 and 2.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified fields. | |||||
CVE-2013-4762 | 1 Puppet | 1 Puppet Enterprise | 2023-12-10 | 5.8 MEDIUM | N/A |
Puppet Enterprise before 3.0.1 does not sufficiently invalidate a session when a user logs out, which might allow remote attackers to hijack sessions by obtaining an old session ID. | |||||
CVE-2012-1054 | 2 Puppet, Puppetlabs | 4 Puppet, Puppet Enterprise, Puppet and 1 more | 2023-12-10 | 4.4 MEDIUM | N/A |
Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3, when managing a user login file with the k5login resource type, allows local users to gain privileges via a symlink attack on .k5login. | |||||
CVE-2013-4964 | 1 Puppet | 1 Puppet Enterprise | 2023-12-10 | 5.0 MEDIUM | N/A |
Puppet Enterprise before 3.0.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | |||||
CVE-2012-3408 | 2 Puppet, Puppetlabs | 2 Puppet Enterprise, Puppet | 2023-12-10 | 2.6 LOW | N/A |
lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet Enterprise before 2.5.2, supports use of IP addresses in certnames without warning of potential risks, which might allow remote attackers to spoof an agent by acquiring a previously used IP address. | |||||
CVE-2012-3865 | 2 Puppet, Puppetlabs | 3 Puppet, Puppet Enterprise, Puppet | 2023-12-10 | 3.5 LOW | N/A |
Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. (dot dot) in a node name. | |||||
CVE-2013-1654 | 3 Canonical, Puppet, Puppetlabs | 4 Ubuntu Linux, Puppet, Puppet Enterprise and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to conduct SSLv2 downgrade attacks against SSLv3 sessions via unspecified vectors. |