EPSS
Percentile
43.9%
puppet-tripleo is is vulnerable to access control bypass. It happens because it does not prevent the creation of TCP/UDP rules with empty port values, allowing the attacker to use these open ports to gain access to unauthorized resources.
rhn.redhat.com/errata/RHSA-2017-0025.html
access.redhat.com/errata/RHSA-2017:0025
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9599