6.6 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
68.6%
The default configuration for puppet masters 0.25.0 and later in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, allows remote authenticated nodes to submit reports for other nodes via unspecified vectors.
lists.opensuse.org/opensuse-security-announce/2013-04/msg00004.html
lists.opensuse.org/opensuse-updates/2013-04/msg00056.html
rhn.redhat.com/errata/RHSA-2013-0710.html
secunia.com/advisories/52596
ubuntu.com/usn/usn-1759-1
www.debian.org/security/2013/dsa-2643
www.securityfocus.com/bid/58449
puppetlabs.com/security/cve/cve-2013-2275/