89 matches found
CVE-2018-6508
CVE-2018-6508 affects Puppet Enterprise 2017.3.x before 2017.3.3. It is a remote code execution vulnerability caused by accepting a specially crafted string in the facter_task or puppet_conf tasks. The issue only impacts the affected tasks/modules; if puppet tasks are not used, you may not be aff...
CVE-2016-2786
The CVE-2016-2786 entry affects the pxp-agent component in Puppet Enterprise 2015.3.x (before 2015.3.3) and Puppet Agent 1.3.x (before 1.3.6), where improper validation of server certificates may allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate. Thi...
CVE-2013-4955
CVE-2013-4955: Puppet Enterprise before 3.0.1 contains an open redirect in the login page via a URL in the service parameter, enabling attackers to redirect users to arbitrary sites and facilitate phishing. Impact is a web-redirect vuln; no exploit details provided. Mitigation: upgrade Puppet Ent...
CVE-2013-4958
Puppet Enterprise prior to version 3.0.1 is affected by CVE-2013-4958 due to not using a session timeout. This enables a local attacker with an unattended workstation to escalate privileges. The issue is described across multiple advisories (Red Hat, SUSE, Ubuntu, Debian, CVE lists) with the same...
CVE-2016-2787
CVE-2016-2787 affects Puppet Enterprise 2015.x (specifically 2015.3.x before 2015.3.3). The vulnerability arises from improper validation of broker node certificates in the Puppet Communications Protocol, enabling remote non-whitelisted hosts to prevent Puppet runs via unspecified vectors. The li...
CVE-2017-2297
Puppet Enterprise is affected by CVE-2017-2297. Affected products: Puppet Enterprise versions prior to 2016.4.5 and 2017.2.1. Root cause: the system did not properly authenticate a user before returning a labeled RBAC access token. Impact: this can allow an unauthenticated bypass of authenticatio...
CVE-2013-1398
CVE-2013-1398 concerns the pe_mcollective module in Puppet Enterprise (PE) prior to version 2.7.1. The issue is that access to a catalog of private SSL keys is not properly restricted, allowing remote authenticated users to obtain sensitive information and potentially gain privileges by leveragin...
CVE-2021-27019
Technical details about CVE-2021-27019 are not publicly available in the provided connected documents; descriptions reiterate information disclosure through PuppetDB logging. Monitor for updates.
CVE-2012-0891
CVE-2012-0891 involves multiple XSS vulnerabilities in Puppet Dashboard 1.0 up to 1.2.5 and Puppet Enterprise 1.0 up to 1.2.5, and in 2.x up to 2.0.1. The issue allows an attacker to inject arbitrary web script or HTML via unspecified input fields, enabling likely browser-side code execution and ...
CVE-2013-4964
CVE-2013-4964 affects Puppet Enterprise before 3.0.1, where the session cookie is not marked as Secure in an HTTPS session. This allows an attacker intercepting traffic on an HTTP fallback or mixed-channel to capture the session cookie, potentially enabling unauthorized access. The description do...
CVE-2018-6511
CVE-2018-6511 is a cross-site scripting (XSS) vulnerability in the Puppet Enterprise Console of Puppet Enterprise. It affects Puppet Enterprise 2017.3.x releases prior to 2017.3.6, due to improper validation of user-supplied input. An unauthenticated remote attacker could exploit this by injectin...
CVE-2013-4762
CVE-2013-4762 affects Puppet Enterprise before 3.0.1: the logout flow does not sufficiently invalidate the user session, which could allow remote attackers to hijack a session by obtaining an old session ID. This root cause is consistently described across multiple sources (NVD, Red Hat, Ubuntu, ...
CVE-2016-5716
CVE-2016-5716 affects Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0. The vulnerability stems from unsafe string reads in the console, which potentially permits remote code execution on the console node. The issue has been reported across multiple sources (NVD entry and CNVD/CVE records) w...
CVE-2016-9686
CVE-2016-9686 affects the Puppet Communications Protocol (PCP) Broker in Puppet Enterprise. The root cause is incorrect validation of message header sizes, allowing an attacker to crash the PCP Broker and prevent commands from reaching agents, resulting in a partial availability impact. The vulne...
CVE-2017-2293
CVE-2017-2293 affects Puppet Enterprise prior to 2016.4.5 or 2017.2.1, where MCollective configuration allowed the package plugin to install or remove arbitrary packages on all managed agents. The issue arises from an insecure default configuration that permits package management actions via MCol...
CVE-2017-2294
CVE-2017-2294 affects Puppet Enterprise prior to 2016.4.5 or 2017.2.1, where MCollective server private keys were not marked as sensitive, allowing key values to be logged or stored in PuppetDB. The underlying issue is the absence of the sensitive data type for these keys, leading to potential in...
CVE-2018-6513
The vulnerability CVE-2018-6513 affects Puppet Enterprise and Puppet Agent: unprivileged Windows agents can write custom facts due to loading shared libraries from untrusted paths, enabling privilege escalation on the next puppet run. Affected: Puppet Enterprise 2016.4.x before 2016.4.12, 2017.3....
CVE-2021-27022
CVE-2021-27022 affects bolt-server and ace; vulnerable on SSH/WinRM inventory service nodes where running a task with sensitive parameters causes those parameters to be logged. The issue is described consistently across Red Hat, NVD/NVD feed, Ubuntu, Debian, and OSV/etc. The provided documents do...
CVE-2013-4966
Puppet Enterprise before 3.2.0 is affected: the master external node classification script does not verify the identity of consoles, which allows remote attackers to spoof a console and create arbitrary classifications on the master. Affected: Puppet Enterprise 3.x prior to 3.2.0. Root cause: mis...
CVE-2014-3249
CVE-2014-3249 affects Puppet Enterprise 2.8.x before 2.8.7. The vulnerability is an information-disclosure issue allowing remote attackers to obtain sensitive information via vectors involving hiding and unhiding nodes. The NVD entry documents a MEDIUM severity (CVSS2 base score 5.0) with network...
CVE-2013-1399
CVE-2013-1399 affects Puppet Enterprise before 2.7.1, with CSRF vulnerabilities in the console’s node request management, live management, and user administration components. The flaws may allow remote attackers to hijack authentication of unspecified victims via unknown vectors. The NVD describe...
CVE-2013-4963
Puppet Enterprise before 3.0.1 is affected by multiple CSRF vulnerabilities that allow an attacker to hijack user authentication for actions such as deleting a report, group, or class. The CVE-2013-4963 entry documents these issues, with the underlying impact being that an attacker could manipula...
CVE-2018-6512
CVE-2018-6512 affects Puppet Enterprise 2018.1.x prior to 2018.1.1 and razor-server/pe-razor-server prior to 1.9.0.0, enabling unsafe code execution when upgrading pe-razor-server. Connected sources confirm affected versions and components. Exploitation status is not specified in the documents. R...
CVE-2013-4968
CVE-2013-4968 concerns Puppet Enterprise prior to 3.0.1. According to the provided sources, remote attackers could trigger (1) clickjacking via vectors related to the console and (2) cross-site scripting (XSS) via vectors related to “live management.” The NVD entry notes these as web-related vuln...
CVE-2021-27020
CVE-2021-27020 affects Puppet Enterprise prior to 2019.8.6, where unsanitized user input during CSV export leads to a security risk. Root cause: input not sanitized in CSV export path. Impact: data exposure/compromise as described; no explicit exploitation details provided in the documents. Mitig...
CVE-2013-2716
CVE-2013-2716 affects Puppet Enterprise before 2.8.0. The issue is that the CAS client config (cas_client_config.yml) does not use a randomized secret when upgrading from older 1.2.x or 2.0.x versions, enabling a remote attacker to create a crafted cookie that authenticates to the console. Outcom...
CVE-2018-11749
CVE-2018-11749 affects Puppet Enterprise when startTLS with RBAC LDAP is configured; at login time, user credentials are sent in plaintext to the LDAP server. Affected PE versions: 2018.1.3, 2017.3.9, and 2016.4.14. Fixes are available in Puppet Enterprise 2018.1.4, 2017.3.10, and 2016.4.15. Seve...
CVE-2013-4967
Puppet Enterprise before 3.0.1 is vulnerable to an information-disclosure path that allows remote attackers to obtain the database password. The root cause involves how the password is seeded as a console parameter, combined with misconfigurations around External Node Classifiers and lack of acce...
CVE-2013-4959
CVE-2013-4959 : Puppet Enterprise before 3.0.1 exposes HTTP responses without a no-cache header, enabling local users to retrieve sensitive data via browser cache. Affected: Puppet Enterprise prior to 3.0.1. Impact as described: potential leakage of host name, MAC address, and SSH keys. CVSS 2.0 ...
CVE-2015-8470
CVE-2015-8470 affects Puppet Enterprise console: versions 3.7.x, 3.8.x, and 2015.2.x fail to set the secure flag on the JSESSIONID cookie in HTTPS, making remote cookie interception possible. This can lead to information disclosure or session hijacking as described in the sources. The connected d...
CVE-2013-4965
CVE-2013-4965 affects Puppet Enterprise prior to 3.1.0. The flaw is that authentication attempts for a console account are not properly restricted, enabling brute-force attempts that can bypass access controls. The description states the issue plainly but does not provide product-specific vulnera...
CVE-2014-9355
Puppet Enterprise before 3.7.1 is affected. An authenticated remote user can obtain licensing and certificate signing request information by accessing an unspecified API endpoint. The affected component is Puppet Enterprise (pre-3.7.1) and the root cause is an information-disclosure path exposed ...
CVE-2015-7330
Puppet Enterprise 2015.3 before 2015.3.1 is affected by CVE-2015-7330: a remote attacker can bypass the host whitelist protection mechanism by leveraging the Puppet communications protocol. The issue concerns the host-whitelist protection and is exploitable remotely via the Puppet communications ...
CVE-2023-5309
CVE-2023-5309 affects Puppet Enterprise; versions prior to 2021.7.6 and prior to 2023.5 have a flaw that causes broken session management for SAML implementations. The underlying issue is a session-management defect in Puppet Enterprise’s SAML handling, leading to interruptions of authenticated s...
CVE-2013-4957
The CVE affects Puppet Enterprise prior to 3.0.1, where the dashboard report handling allows an attacker to execute arbitrary YAML code through a crafted report-specific type. The root cause is processing of the report-specific type in the dashboard/report generation flow, enabling code execution...
CVE-2015-7328
CVE-2015-7328 affects Puppet Server in Puppet Enterprise before 3.8.3 and in Puppet Server 2015.2.x before 2015.2.3. The root cause is that during initial installation and configuration the CA certificate’s private key is created with world-readable permissions, enabling local users to read sensi...
CVE-2021-27026
CVE-2021-27026 affects Puppet Enterprise and related Puppet products. The issue is an information-disclosure flaw where sensitive plan parameters may be logged, caused by logging sensitive data during normal operation. Affected versions cited by Nessus: Puppet Enterprise < 2019.8.9 and 2021.x
CVE-2015-6502
The CVE-2015-6502 entries describe a cross-site scripting (XSS) vulnerability in Puppet Enterprise’s console, affecting versions before 2015.2.1. The vulnerability arises from the string parameter (related to Login Redirect) and allows remote injection of web script/HTML. The connected sources co...
CVE-2025-5459
The CVE-2025-5459 entry affects Puppet Enterprise: versions 2018.1.8–2023.8.3 and 2025.3 are vulnerable due to a misused node group editing permission and a crafted class parameter that could allow commands to run with root privileges on the primary host. It has been fixed in Puppet Enterprise 20...