5 matches found
Puppet Enterprise 2015.x / 2016.x < 2016.4.0 Multiple Vulnerabilities
According to its self-reported version number, the Puppet Enterprise application running on the remote host is version 2015.x or 2016.x prior to 2016.4.0. It is, therefore, affected by the following vulnerabilities : - A cross-site redirection vulnerability exists within the /auth/login script du...
Puppet Enterprise < 2016.4.0 Multiple Vulnerabilities
According to its self-reported version number, the Puppet Enterprise application running on the remote host is version prior to 2016.2.1. It is, therefore, affected by the following vulnerabilities : - An information disclosure vulnerability exists in the environment catalog component. An...
CVE-2016-5715
CVE-2016-5715 affects Puppet Enterprise Console: open redirect in the login redirect parameter on Puppet Enterprise 2015.x and 2016.x before 2016.4.0. Root cause described as an incomplete fix for CVE-2015-6501. Impact: attackers can lure users to arbitrary sites via a crafted //domain URL. The v...
Puppet Enterprise < 2016.4.0 Multiple Vulnerabilities
Puppet Enterprise is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:puppet:enterprise"; if...
Puppet Enterprise Web Interface Open Redirect
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/PUPPET-AUTHENTICATION-REDIRECT.txt + ISR: ApparitionSec Vendor: ============== www.puppet.com Product: ================================ Puppet Enterprise Web Interface Version...