Lucene search
GoogleOSV:CVE-2023-5255HistoryOct 03, 2023 - 6:15 p.m.
CVE-2023-5255
2023-10-0318:15:10
Google
osv.dev
3
puppet server
certificate
auto-renewal
flaw
revocation
software
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7
Confidence
Low
EPSS
0.001
Percentile
17.0%
For certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked.
Related
nvd
nvd
CVE-2023-5255
2023-10-03 18:15:10
cve
cve
CVE-2023-5255
2023-10-03 18:15:10
ubuntucve
ubuntucve
CVE-2023-5255
2023-10-03 00:00:00
redhatcve
redhatcve
CVE-2023-5255
2023-10-05 10:54:23
cvelist
cvelist
CVE-2023-5255 Denial of Service for Revocation of Auto Renewed Certificates
2023-10-03 17:54:55
debiancve
debiancve
CVE-2023-5255
2023-10-03 18:15:10
prion
prion
Design/Logic Flaw
2023-10-03 18:15:00
osv
osv
Puppet Bolt privilege escalation vulnerability
2023-10-06 18:30:32
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7
Confidence
Low
EPSS
0.001
Percentile
17.0%
Related for OSV:CVE-2023-5255