Lucene search
+L

4 matches found

nessus
nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2020-7942

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate...

6.5CVSS6.9AI score0.00823EPSS
Exploits0References2
susecve
susecve
added 2023/02/15 4:1 a.m.3 views

SUSE CVE-2020-7942

Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the default node, the catalog can be retrieved for a...

6.5CVSS8.7AI score0.00823EPSS
Exploits0References4
osv
osv
added 2020/04/21 3:14 p.m.5 views

SUSE-SU-2020:1057-1 Security update for puppet

This update for puppet fixes the following issues: - CVE-2020-7942: Added a warning for a vulnerable configuration option, which could allow for information disclosure in certain setups. Disabling it my break some setups. bsc1167645...

6.5CVSS6.8AI score0.00823EPSS
Exploits0References3
cve
cve
added 2020/02/19 8:52 p.m.170 views

CVE-2020-7942

CVE-2020-7942 concerns Puppet’s certificate-based access model. The issue arises when a node’s catalog can be retrieved for another node by altering facts during a run, potentially exposing information if a certificate is compromised. Affected are Puppet 6.x before 6.13.0, Puppet Agent 6.x before...

6.5CVSS6.1AI score0.00823EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder