Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2019/10/09 12:0 a.m.30 views

Puppet Enterprise < 2016.4.5 / 2016.5.x / 2017.1.x Multiple Vulnerabilities

According to its self-reported version number, the Puppet install on the remote host is affected by multiple vulnerabilities : - A remote command execution vulnerability exists in the MCollective plugin due to unsafe YAML deserialization. An unauthenticated, remote attacker can exploit this to...

9CVSS7.3AI score0.02375EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2018/02/02 12:0 a.m.27 views

Puppet Enterprise < 2016.4.4 / 2017 < 2017.2.1 Multiple Vulnerabilities

Versions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 are prone to multiple vulnerabilities. This VT has duplicated the existing VT SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

7.5CVSS6.3AI score0.00701EPSS
Exploits0References2
NVD
NVD
added 2018/02/01 10:29 p.m.16 views

CVE-2017-2293

Versions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 shipped with an MCollective configuration that allowed the package plugin to install or remove arbitrary packages on all managed agents. This release adds default configuration to not allow these actions. Customers who rely on this...

5.5CVSS5.2AI score0.00701EPSS
Exploits0References1
CVE
CVE
added 2018/02/01 10:0 p.m.57 views

CVE-2017-2293

CVE-2017-2293 affects Puppet Enterprise prior to 2016.4.5 or 2017.2.1, where MCollective configuration allowed the package plugin to install or remove arbitrary packages on all managed agents. The issue arises from an insecure default configuration that permits package management actions via MCol...

5.5CVSS6AI score0.00701EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2017/07/06 12:0 a.m.22 views

Puppet Enterprise < 2016.4.5, 2016.5.x < 2017.2.1 Multiple Vulnerabilities

Puppet Enterprise is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:puppet:enterprise"; if...

9CVSS6.8AI score0.02375EPSS
Exploits0References5
Rows per page
Query Builder