Lucene search
PRIOn knowledge basePRION:CVE-2016-2786HistoryJun 10, 2016 - 3:59 p.m.
Code injection
2016-06-1015:59:00
PRIOn knowledge base
www.prio-n.com
4
The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before 1.3.6 does not properly validate server certificates, which might allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate.
| CPE | Name | Operator | Version |
|---|---|---|---|
| puppet_agent | eq | 1.3.0 | |
| puppet_agent | eq | 1.3.1 | |
| puppet_agent | eq | 1.3.2 | |
| puppet_agent | eq | 1.3.4 | |
| puppet_agent | eq | 1.3.5 | |
| puppet_enterprise | eq | 2015.3.0 | |
| puppet_enterprise | eq | 2015.3.2 |
Related
ubuntucve
ubuntucve
CVE-2016-2786
2016-06-10 00:00:00
nvd
nvd
CVE-2016-2786
2016-06-10 15:59:01
debiancve
debiancve
CVE-2016-2786
2016-06-10 15:59:01
cvelist
cvelist
CVE-2016-2786
2016-06-10 15:00:00
cve
cve
CVE-2016-2786
2016-06-10 15:59:01
nessus
nessus
Puppet Enterprise 2015.x < 2015.3.3 Multiple Vulnerabilities
2019-10-09 00:00:00
GLSA-201606-02 : Puppet Server and Agent: Multiple vulnerabilities
2016-06-06 00:00:00
gentoo
gentoo
Puppet Server and Agent: Multiple vulnerabilities
2016-06-05 00:00:00