Lucene search
K

182 matches found

Debian CVE
Debian CVE
added 2019/12/16 9:39 p.m.27 views

CVE-2018-11751

Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0...

5.4CVSS6AI score0.00608EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/10/09 12:0 a.m.27 views

Puppet Enterprise < 2016.2.1 Multiple Vulnerabilities

According to its self-reported version number, the Puppet Enterprise application running on the remote host is version prior to 2016.2.1. It is, therefore, affected by the following vulnerabilities : - A remote code execution vulnerability exists in the mcollective puppet-agent plugin due to an...

9.8CVSS8.8AI score0.02284EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/10/16 5:38 p.m.5 views

puppet: Environment leakage in puppet-agent

In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from. This was resolved in Puppet Agent 5.3.4, included in Puppet Enterprise 2017.3.4...

6.5CVSS5.8AI score0.01019EPSS
Exploits0References5
CNVD
CNVD
added 2018/06/13 12:0 a.m.5 views

Puppet Enterprise and Puppet Agent Elevation of Privilege Vulnerability

Puppet Enterprise and Puppet Agent are both products of the U.S. Puppet is a set of configuration management tools based on the client/server C/S architecture, Puppet Enterprise is an enterprise version; Puppet Agent is a set of client-side tools. A security vulnerability exists in Puppet...

8.8CVSS8.5AI score0.01117EPSS
Exploits0References1
CNVD
CNVD
added 2018/06/12 12:0 a.m.5 views

Puppet Agent DLL Preload Vulnerability

Puppet is the United States Puppet Labs a set of client / server C / S architecture based on the configuration management tools . Puppet Agent for Windows is one of the Windows platform based on the agent program . A security vulnerability exists in Facter in Puppet Agent for Windows versions...

7.8CVSS7.5AI score0.00847EPSS
Exploits0References1
CNVD
CNVD
added 2018/06/12 12:0 a.m.4 views

Puppet Agent Arbitrary Code Execution Vulnerability

Puppet is the United States Puppet Labs a set of client / server C / S architecture based on the configuration management tools . Puppet Agent for Windows is one of the Windows platform based on the agent program . A security vulnerability exists in Puppet Agent for Windows versions 1.10.x prior ...

7.8CVSS7.2AI score0.00847EPSS
Exploits0References1
NVD
NVD
added 2018/06/11 8:29 p.m.31 views

CVE-2018-6514

In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x prior to 5.5.2, Facter on Windows is vulnerable to a DLL preloading attack, which could lead to a privilege escalation...

7.8CVSS7.6AI score0.00847EPSS
Exploits0References1
Prion
Prion
added 2018/06/11 8:29 p.m.12 views

Privilege escalation

In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x prior to 5.5.2, Facter on Windows is vulnerable to a DLL preloading attack, which could lead to a privilege escalation...

6.8CVSS7.5AI score0.00847EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/06/11 8:29 p.m.20 views

CVE-2018-6514

In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x prior to 5.5.2, Facter on Windows is vulnerable to a DLL preloading attack, which could lead to a privilege escalation...

7.8CVSS7AI score0.00847EPSS
Exploits0References1
OSV
OSV
added 2018/06/11 8:29 p.m.24 views

CVE-2018-6515

Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2 on Windows only, with a specially crafted configuration file an attacker could get pxp-agent to load arbitrary code with privilege escalation...

7.8CVSS7.6AI score0.00847EPSS
Exploits0References1
OSV
OSV
added 2018/06/11 8:29 p.m.21 views

CVE-2018-6513

Puppet Enterprise 2016.4.x prior to 2016.4.12, Puppet Enterprise 2017.3.x prior to 2017.3.7, Puppet Enterprise 2018.1.x prior to 2018.1.1, Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2, were vulnerable to an attack where an...

8.8CVSS7.3AI score0.01117EPSS
Exploits0References1
Prion
Prion
added 2018/06/11 8:29 p.m.15 views

Privilege escalation

Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2 on Windows only, with a specially crafted configuration file an attacker could get pxp-agent to load arbitrary code with privilege escalation...

6.8CVSS7.7AI score0.00847EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/06/11 8:29 p.m.27 views

CVE-2018-6515

Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2 on Windows only, with a specially crafted configuration file an attacker could get pxp-agent to load arbitrary code with privilege escalation...

7.8CVSS7.7AI score0.00847EPSS
Exploits0References1
CVE
CVE
added 2018/06/11 8:0 p.m.48 views

CVE-2018-6514

CVE-2018-6514 : Affected software is Puppet Agent on Windows with DLL preloading in Facter. Versions affected: Puppet Agent 1.10.x before 1.10.13; 5.3.x before 5.3.7; 5.5.x before 5.5.2. Root cause is a DLL preloading vulnerability that could lead to privilege escalation. Impact is described as h...

7.8CVSS7.5AI score0.00847EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/06/11 8:0 p.m.28 views

CVE-2018-6514

In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x prior to 5.5.2, Facter on Windows is vulnerable to a DLL preloading attack, which could lead to a privilege escalation...

7.6AI score0.00847EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/06/11 8:0 p.m.29 views

CVE-2018-6515

Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2 on Windows only, with a specially crafted configuration file an attacker could get pxp-agent to load arbitrary code with privilege escalation...

7.7AI score0.00847EPSS
Exploits0References1
CVE
CVE
added 2018/06/11 8:0 p.m.58 views

CVE-2018-6513

The vulnerability CVE-2018-6513 affects Puppet Enterprise and Puppet Agent: unprivileged Windows agents can write custom facts due to loading shared libraries from untrusted paths, enabling privilege escalation on the next puppet run. Affected: Puppet Enterprise 2016.4.x before 2016.4.12, 2017.3....

8.8CVSS6.9AI score0.01117EPSS
Exploits0References1Affected Software2
Debian CVE
Debian CVE
added 2018/06/11 8:0 p.m.55 views

CVE-2018-6514

In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x prior to 5.5.2, Facter on Windows is vulnerable to a DLL preloading attack, which could lead to a privilege escalation...

7.8CVSS7.6AI score0.00847EPSS
Exploits0
Debian CVE
Debian CVE
added 2018/06/11 8:0 p.m.43 views

CVE-2018-6515

Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2 on Windows only, with a specially crafted configuration file an attacker could get pxp-agent to load arbitrary code with privilege escalation...

7.8CVSS8AI score0.00847EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2018/06/08 7:32 a.m.30 views

CVE-2018-6514

In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x prior to 5.5.2, Facter on Windows is vulnerable to a DLL preloading attack, which could lead to a privilege escalation...

7.8CVSS3.6AI score0.00847EPSS
Exploits0References2
Rows per page
Query Builder