Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/06/28 7:24 a.m.12 views

CVE-2025-5459

A user with specific node group editing permissions and a specially crafted class parameter could be used to execute commands as root on the primary host. It affects Puppet Enterprise versions 2018.1.8 through 2023.8.3 and 2025.3 and has been resolved in versions 2023.8.4 and 2025.4.0...

8.6CVSS7.6AI score0.00425EPSS
Exploits0References1
Circl
Circl
added 2025/06/26 6:51 a.m.7 views

CVE-2025-5459

creationtimestamp| type| source ---|---|--- 2025-06-26 06:51:22+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19578 2025-06-26 10:31:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsiwcfxzxa2q...

8.8CVSS4.8AI score0.00425EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/06/26 6:30 a.m.4 views

CVE-2025-5459

A user with specific node group editing permissions and a specially crafted class parameter could be used to execute commands as root on the primary host. It affects Puppet Enterprise versions 2018.1.8 through 2023.8.3 and 2025.3 and has been resolved in versions 2023.8.4 and 2025.4.0...

8.8CVSS5.5AI score0.00425EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/06/26 6:30 a.m.4 views

CVE-2025-5459 OS Command Injection

A user with specific node group editing permissions and a specially crafted class parameter could be used to execute commands as root on the primary host. It affects Puppet Enterprise versions 2018.1.8 through 2023.8.3 and 2025.3 and has been resolved in versions 2023.8.4 and 2025.4.0...

8.6CVSS7.5AI score0.00425EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/26 6:30 a.m.11 views

CVE-2025-5459 OS Command Injection

A user with specific node group editing permissions and a specially crafted class parameter could be used to execute commands as root on the primary host. It affects Puppet Enterprise versions 2018.1.8 through 2023.8.3 and 2025.3 and has been resolved in versions 2023.8.4 and 2025.4.0...

8.6CVSS0.00425EPSS
Exploits0References1
CVE
CVE
added 2025/06/26 6:30 a.m.21 views

CVE-2025-5459

The CVE-2025-5459 entry affects Puppet Enterprise: versions 2018.1.8–2023.8.3 and 2025.3 are vulnerable due to a misused node group editing permission and a crafted class parameter that could allow commands to run with root privileges on the primary host. It has been fixed in Puppet Enterprise 20...

8.8CVSS6.9AI score0.00425EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder