puppet is vulnerable to information disclosure through world-readable files. The vulnerability occurs during the first run of puppet cert generate
without a Certificate Authority (CA)
set up. Under such conditions, puppet generates a world-readable ca_key
with 0644
permission, when it should have generated the file with 0640
permissions where only Administrator
and SYSTEM
are valid users to read the ca_key
file.