Skip to main content

Puppet

39 CVEs product

Monthly

CVE-2021-27026 MEDIUM This Month

A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters may be logged. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Puppet Puppet Connect Puppet Enterprise
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-27025 Ruby MEDIUM PATCH This Month

A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Puppet Puppet Agent Puppet Enterprise Fedora
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-27022 MEDIUM This Month

A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Puppet Puppet Enterprise
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2021-27021 HIGH This Week

A flaw was discovered in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Puppet Puppet Enterprise Puppetdb
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2020-7942 Ruby MEDIUM PATCH This Month

Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Puppet Puppet Agent
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2018-6515 HIGH This Week

Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2 on Windows only, with a specially crafted configuration file an attacker could get. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft RCE Puppet
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2018-6514 HIGH This Week

In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x prior to 5.5.2, Facter on Windows is vulnerable to a DLL preloading attack, which could lead to a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Puppet
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2018-6513 HIGH This Week

Puppet Enterprise 2016.4.x prior to 2016.4.12, Puppet Enterprise 2017.3.x prior to 2017.3.7, Puppet Enterprise 2018.1.x prior to 2018.1.1, Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Puppet Puppet Enterprise
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2014-3250 MEDIUM PATCH This Month

The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Apache Information Disclosure Puppet Linux
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-2295 HIGH This Week

Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable. No vendor patch available.

Deserialization RCE Puppet Debian Linux
NVD
CVSS 3.0
8.2
EPSS
1.9%
CVE-2016-2785 Ruby CRITICAL PATCH Act Now

Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before 4.4.2 and in Puppet Agent before 1.4.2 might allow remote attackers to bypass intended auth.conf access restrictions by. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Puppet Puppet Server Puppet Agent
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2014-3248 Ruby MEDIUM POC PATCH This Month

Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before. Rated medium severity (CVSS 6.2). Public exploit code available.

Information Disclosure Facter Marionette Collective Hiera Puppet +1
NVD
CVSS 2.0
6.2
EPSS
0.1%
CVE-2013-1399 MEDIUM This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) node request management, (2) live management, and (3) user administration components in the console in Puppet Enterprise (PE). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Puppet Enterprise Puppet
NVD VulDB
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-1398 HIGH This Week

The pe_mcollective module in Puppet Enterprise (PE) before 2.7.1 does not properly restrict access to a catalog of private SSL keys, which allows remote authenticated users to obtain sensitive. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Puppet Enterprise Puppet
NVD VulDB
CVSS 2.0
8.5
EPSS
0.6%
CVE-2012-5158 MEDIUM This Month

Puppet Enterprise (PE) before 2.6.1 does not properly invalidate sessions when the session secret has changed, which allows remote authenticated users to retain access via unspecified vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Puppet Enterprise Puppet
NVD VulDB
CVSS 2.0
4.0
EPSS
0.2%
CVE-2013-4969 LOW Monitor

Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Puppet Puppet Enterprise Debian Linux Ubuntu Linux
NVD
CVSS 2.0
2.1
EPSS
0.0%
CVE-2013-4956 LOW Monitor

Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, installs modules with weak permissions if. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Puppet Puppet Enterprise
NVD
CVSS 2.0
3.6
EPSS
0.1%
CVE-2013-4761 Ruby MEDIUM PATCH This Month

Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable.

Information Disclosure Puppet Puppet Enterprise
NVD
CVSS 2.0
5.1
EPSS
0.6%
CVE-2013-3567 Ruby HIGH PATCH This Week

Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

RCE Puppet Ubuntu Linux Suse Linux Enterprise Desktop Suse Linux Enterprise Server +1
NVD
CVSS 2.0
7.5
EPSS
6.5%
CVE-2013-2716 MEDIUM This Month

Puppet Labs Puppet Enterprise before 2.8.0 does not use a "randomized secret" in the CAS client config file (cas_client_config.yml) when upgrading from older 1.2.x or 2.0.x versions, which allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Puppet Enterprise Puppet
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-2275 MEDIUM This Month

The default configuration for puppet masters 0.25.0 and later in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, allows. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Puppet Puppet Enterprise Ubuntu Linux
NVD
CVSS 2.0
4.0
EPSS
0.4%
CVE-2013-2274 MEDIUM This Month

Puppet 2.6.x before 2.6.18 and Puppet Enterprise 1.2.x before 1.2.7 allows remote authenticated users to execute arbitrary code on the puppet master, or an agent with puppet kick enabled, via a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Puppet Puppet Enterprise
NVD
CVSS 2.0
6.5
EPSS
1.9%
CVE-2013-1655 Ruby HIGH PATCH This Week

Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, when running Ruby 1.9.3 or later, allows remote attackers to execute arbitrary code via vectors related to "serialized attributes.". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

RCE Puppet Puppet Enterprise
NVD
CVSS 2.0
7.5
EPSS
0.6%
CVE-2013-1654 MEDIUM This Month

Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Puppet Puppet Enterprise Ubuntu Linux
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2013-1653 HIGH This Week

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

RCE Puppet Puppet Enterprise Ubuntu Linux
NVD
CVSS 2.0
7.1
EPSS
2.0%
CVE-2013-1652 MEDIUM This Month

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users with a valid certificate and private key. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Puppet Puppet Enterprise Ubuntu Linux
NVD
CVSS 2.0
4.9
EPSS
0.4%
CVE-2013-1640 CRITICAL Act Now

The (1) template and (2) inline_template functions in the master server in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Puppet Puppet Enterprise Ubuntu Linux
NVD
CVSS 2.0
9.0
EPSS
1.9%
CVE-2012-3867 Ruby MEDIUM POC PATCH This Month

lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

Privilege Escalation Puppet Debian Linux Ubuntu Linux Opensuse +3
NVD GitHub
CVSS 2.0
4.3
EPSS
1.4%
CVE-2012-3866 Ruby LOW POC PATCH Monitor

lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for last_run_report.yaml, which allows local users to obtain sensitive configuration. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Puppet Puppet Enterprise
NVD GitHub
CVSS 2.0
2.1
EPSS
0.1%
CVE-2012-3865 Ruby LOW POC PATCH Monitor

Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

Path Traversal Puppet Puppet Enterprise
NVD GitHub
CVSS 2.0
3.5
EPSS
1.2%
CVE-2012-3864 MEDIUM POC PATCH This Month

Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Puppet Puppet Enterprise
NVD GitHub
CVSS 2.0
4.0
EPSS
0.3%
CVE-2012-3408 Ruby LOW POC PATCH Monitor

lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet Enterprise before 2.5.2, supports use of IP addresses in certnames without warning of potential risks, which might allow remote. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available.

Authentication Bypass Puppet Enterprise Puppet
NVD GitHub
CVSS 2.0
2.6
EPSS
0.3%
CVE-2012-1989 Ruby LOW PATCH Monitor

telnet.rb in Puppet 2.7.x before 2.7.13 and Puppet Enterprise (PE) 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows local users to overwrite arbitrary files via a symlink attack on the NET::Telnet. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity.

Privilege Escalation Puppet Puppet Enterprise
NVD
CVSS 2.0
3.6
EPSS
0.1%
CVE-2012-1988 Ruby MEDIUM PATCH This Month

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys and. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Puppet Puppet Enterprise Fedora Debian Linux +1
NVD
CVSS 2.0
6.0
EPSS
0.5%
CVE-2012-1987 Ruby LOW PATCH Monitor

Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Puppet Puppet Enterprise
NVD
CVSS 2.0
3.5
EPSS
2.6%
CVE-2012-1986 LOW Monitor

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with an authorized SSL key and. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Puppet Puppet Enterprise Puppet Enterprise Users
NVD
CVSS 2.0
2.1
EPSS
0.4%
CVE-2012-1906 Ruby LOW PATCH Monitor

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 uses predictable file names when installing Mac OS X packages from. Rated low severity (CVSS 3.3).

Privilege Escalation Puppet Puppet Enterprise Puppet Enterprise Users
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2012-1054 MEDIUM This Month

Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3, when managing a user login file with the k5login resource type, allows local. Rated medium severity (CVSS 4.4). No vendor patch available.

Privilege Escalation Puppet Puppet Enterprise Puppet Enterprise Users
NVD
CVSS 2.0
4.4
EPSS
0.1%
CVE-2012-1053 Ruby MEDIUM PATCH This Month

The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3. Rated medium severity (CVSS 6.9).

Privilege Escalation Puppet Puppet Enterprise Puppet Enterprise Users
NVD
CVSS 2.0
6.9
EPSS
0.0%
EPSS 0% CVSS 4.4
MEDIUM This Month

A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters may be logged. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Puppet Puppet Connect +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Puppet Puppet Agent +2
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Puppet Puppet Enterprise
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A flaw was discovered in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Puppet Puppet Enterprise +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Puppet Puppet Agent
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2 on Windows only, with a specially crafted configuration file an attacker could get. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft RCE +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x prior to 5.5.2, Facter on Windows is vulnerable to a DLL preloading attack, which could lead to a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Puppet
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Puppet Enterprise 2016.4.x prior to 2016.4.12, Puppet Enterprise 2017.3.x prior to 2017.3.7, Puppet Enterprise 2018.1.x prior to 2018.1.1, Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Puppet +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Apache Information Disclosure Puppet +1
NVD
EPSS 2% CVSS 8.2
HIGH This Week

Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable. No vendor patch available.

Deserialization RCE Puppet +1
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before 4.4.2 and in Puppet Agent before 1.4.2 might allow remote attackers to bypass intended auth.conf access restrictions by. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Puppet Puppet Server +1
NVD GitHub
EPSS 0% CVSS 6.2
MEDIUM POC PATCH This Month

Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before. Rated medium severity (CVSS 6.2). Public exploit code available.

Information Disclosure Facter Marionette Collective +3
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) node request management, (2) live management, and (3) user administration components in the console in Puppet Enterprise (PE). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Puppet Enterprise Puppet
NVD VulDB
EPSS 1% CVSS 8.5
HIGH This Week

The pe_mcollective module in Puppet Enterprise (PE) before 2.7.1 does not properly restrict access to a catalog of private SSL keys, which allows remote authenticated users to obtain sensitive. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Puppet Enterprise Puppet
NVD VulDB
EPSS 0% CVSS 4.0
MEDIUM This Month

Puppet Enterprise (PE) before 2.6.1 does not properly invalidate sessions when the session secret has changed, which allows remote authenticated users to retain access via unspecified vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Puppet Enterprise Puppet
NVD VulDB
EPSS 0% CVSS 2.1
LOW Monitor

Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Puppet Puppet Enterprise +2
NVD
EPSS 0% CVSS 3.6
LOW Monitor

Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, installs modules with weak permissions if. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Puppet Puppet Enterprise
NVD
EPSS 1% CVSS 5.1
MEDIUM PATCH This Month

Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable.

Information Disclosure Puppet Puppet Enterprise
NVD
EPSS 6% CVSS 7.5
HIGH PATCH This Week

Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

RCE Puppet Ubuntu Linux +3
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Puppet Labs Puppet Enterprise before 2.8.0 does not use a "randomized secret" in the CAS client config file (cas_client_config.yml) when upgrading from older 1.2.x or 2.0.x versions, which allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Puppet Enterprise Puppet
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

The default configuration for puppet masters 0.25.0 and later in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, allows. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Puppet Puppet Enterprise +1
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Puppet 2.6.x before 2.6.18 and Puppet Enterprise 1.2.x before 1.2.7 allows remote authenticated users to execute arbitrary code on the puppet master, or an agent with puppet kick enabled, via a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Puppet Puppet Enterprise
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, when running Ruby 1.9.3 or later, allows remote attackers to execute arbitrary code via vectors related to "serialized attributes.". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

RCE Puppet Puppet Enterprise
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Puppet Puppet Enterprise +1
NVD
EPSS 2% CVSS 7.1
HIGH This Week

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

RCE Puppet Puppet Enterprise +1
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users with a valid certificate and private key. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Puppet Puppet Enterprise +1
NVD
EPSS 2% CVSS 9.0
CRITICAL Act Now

The (1) template and (2) inline_template functions in the master server in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Puppet Puppet Enterprise +1
NVD
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

Privilege Escalation Puppet Debian Linux +5
NVD GitHub
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for last_run_report.yaml, which allows local users to obtain sensitive configuration. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Puppet Puppet Enterprise
NVD GitHub
EPSS 1% CVSS 3.5
LOW POC PATCH Monitor

Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

Path Traversal Puppet Puppet Enterprise
NVD GitHub
EPSS 0% CVSS 4.0
MEDIUM POC PATCH This Month

Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Puppet Puppet Enterprise
NVD GitHub
EPSS 0% CVSS 2.6
LOW POC PATCH Monitor

lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet Enterprise before 2.5.2, supports use of IP addresses in certnames without warning of potential risks, which might allow remote. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available.

Authentication Bypass Puppet Enterprise Puppet
NVD GitHub
EPSS 0% CVSS 3.6
LOW PATCH Monitor

telnet.rb in Puppet 2.7.x before 2.7.13 and Puppet Enterprise (PE) 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows local users to overwrite arbitrary files via a symlink attack on the NET::Telnet. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity.

Privilege Escalation Puppet Puppet Enterprise
NVD
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys and. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Puppet Puppet Enterprise +3
NVD
EPSS 3% CVSS 3.5
LOW PATCH Monitor

Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Puppet Puppet Enterprise
NVD
EPSS 0% CVSS 2.1
LOW Monitor

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with an authorized SSL key and. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Puppet Puppet Enterprise +1
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 uses predictable file names when installing Mac OS X packages from. Rated low severity (CVSS 3.3).

Privilege Escalation Puppet Puppet Enterprise +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3, when managing a user login file with the k5login resource type, allows local. Rated medium severity (CVSS 4.4). No vendor patch available.

Privilege Escalation Puppet Puppet Enterprise +1
NVD
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3. Rated medium severity (CVSS 6.9).

Privilege Escalation Puppet Puppet Enterprise +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy