Lucene search

[email protected]NVD:CVE-2015-1029

HistoryJan 16, 2015 - 4:59 p.m.

CVE-2015-1029

2015-01-1616:59:22

CWE-264

[email protected]

web.nvd.nist.gov

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

6.1 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

54.9%

JSON

The puppetlabs-stdlib module 2.1 through 3.0 and 4.1.0 through 4.5.x before 4.5.1 for Puppet 2.8.8 and earlier allows remote authenticated users to gain privileges or obtain sensitive information by prepopulating the fact cache.

Affected configurations

NVD

Node

puppetstdlibMatch2.1.0puppet

puppetstdlibMatch2.1.1puppet

puppetstdlibMatch2.1.2puppet

puppetstdlibMatch2.1.3puppet

puppetstdlibMatch2.2.0puppet

puppetstdlibMatch2.2.1puppet

puppetstdlibMatch2.3.0puppet

puppetstdlibMatch2.3.1puppet

puppetstdlibMatch2.3.2puppet

puppetstdlibMatch2.3.3puppet

puppetstdlibMatch2.4.0puppet

puppetstdlibMatch2.5.0puppet

puppetstdlibMatch3.0.0puppet

puppetstdlibMatch4.1.0puppet

puppetstdlibMatch4.2.0puppet

puppetstdlibMatch4.2.1puppet

puppetstdlibMatch4.2.2puppet

puppetstdlibMatch4.3.0puppet

puppetstdlibMatch4.3.1puppet

puppetstdlibMatch4.3.2puppet

puppetstdlibMatch4.4.0puppet

puppetstdlibMatch4.5.0puppet

AND

puppetpuppet_enterpriseRange≤2.8.8

References

puppetlabs.com/security/cve/cve-2015-1029

secunia.com/advisories/62328

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

6.1 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

54.9%

JSON

Related for NVD:CVE-2015-1029

nessus2 ubuntucve1 cve1 fedora2 prion1 debiancve1 openvas2 cvelist1