Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2019/10/09 12:0 a.m.33 views

Puppet Enterprise < 2017.3.4 Code Execution Vulnerability

According to its self-reported version number, the Puppet install running on the remote host is version 5.5.x prior to 2017.3.4. It is, therefore, affected by multiple vulnerabilities: - a remote code execution vulnerability due to incorrect validation of strings in the factertask or puppetconf...

8CVSS7.8AI score0.01906EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2018/04/13 12:19 a.m.24 views

CVE-2017-10690

In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from. This was resolved in Puppet Agent 5.3.4, included in Puppet Enterprise 2017.3.4...

6.5CVSS6.6AI score0.01019EPSS
Exploits0References2
OSV
OSV
added 2018/02/09 8:29 p.m.23 views

CVE-2017-10690

In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from. This was resolved in Puppet Agent 5.3.4, included in Puppet Enterprise 2017.3.4...

6.5CVSS6.7AI score0.01019EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2018/02/09 8:0 p.m.24 views

CVE-2017-10690

In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from. This was resolved in Puppet Agent 5.3.4, included in Puppet Enterprise 2017.3.4...

6.5CVSS6.7AI score0.01019EPSS
Exploits0
CVE
CVE
added 2018/02/09 8:0 p.m.84 views

CVE-2017-10690

Puppet Agent vulnerability CVE-2017-10690 allowed retrieving facts from an environment the agent was not classified to access. Root cause: environment leakage within the agent’s fact retrieval. Fixes were implemented in Puppet Agent 5.3.4, included in Puppet Enterprise 2017.3.4; other references ...

6.5CVSS6.5AI score0.01019EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder