6.2 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
46.2%
Puppet Enterprise before 3.7.1 allows remote authenticated users to obtain licensing and certificate signing request information by leveraging access to an unspecified API endpoint.
CPE | Name | Operator | Version |
---|---|---|---|
puppet:puppet_enterprise | puppet puppet enterprise | le | 3.7.0 |