3 matches found
Puppet < 2.7.26 / 3.6.2 and Enterprise 2.8.x < 2.8.7 Multiple Vulnerabilities
According to its self-reported version number, the Puppet install on the remote host is affected by multiple vulnerabilities : - A privilege escalation vulnerability related to input validation and paths exists in the bundled Ruby environment. An attacker could trick a privileged user into...
CVE-2014-3249
CVE-2014-3249 affects Puppet Enterprise 2.8.x before 2.8.7. The vulnerability is an information-disclosure issue allowing remote attackers to obtain sensitive information via vectors involving hiding and unhiding nodes. The NVD entry documents a MEDIUM severity (CVSS2 base score 5.0) with network...
CVE-2014-3249
Puppet Enterprise 2.8.x before 2.8.7 allows remote attackers to obtain sensitive information via vectors involving hiding and unhiding nodes...