CVE-2016-9599

puppet-tripleo vulnerable to an access-control flaw in IPtables rules management prior to versions 5.5.0 and 6.2.0. The issue allows creation of TCP/UDP rules with empty port values, which can be exploited to access unauthorized resources when SSL is enabled. Affected component: puppet-tripleo IP...