Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2014-3250

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain...

6.5CVSS6.9AI score0.00894EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.18 views

RHEL 6 : puppet (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - puppet: incorrect URL decoding CVE-2016-2785 - The default vhost configuration file in Puppet before 3.6....

9.8CVSS6.3AI score0.99999EPSS
Exploits7References4
CVE
CVE
added 2017/12/11 5:0 p.m.60 views

CVE-2014-3250

CVE-2014-3250 affects Puppet before 3.6.2. The issue is that the default vhost configuration file does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4. The availa...

6.5CVSS6.1AI score0.00894EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/07/02 12:0 a.m.43 views

Puppet < 2.7.26 / 3.6.2 and Enterprise 2.8.x < 2.8.7 Multiple Vulnerabilities

According to its self-reported version number, the Puppet install on the remote host is affected by multiple vulnerabilities : - A privilege escalation vulnerability related to input validation and paths exists in the bundled Ruby environment. An attacker could trick a privileged user into...

6.5CVSS7.3AI score0.01779EPSS
Exploits1References6
OSV
OSV
added 2014/06/30 3:48 p.m.14 views

SUSE-RU-2015:0696-1 Security update for puppet

Puppet was updated to fix the following security issues: Unsafe use of temporary files. CVE-2013-4969 Arbitrary code execution with required social engineering. CVE-2014-3248, CVE-2014-3250 Security Issues references: CVE-2014-3248 CVE-2013-4969 CVE-2014-3250...

7.5CVSS6.8AI score0.03408EPSS
Exploits2References15
Rows per page
Query Builder