Skip to main content

Puppet Enterprise Users

4 CVEs product

Monthly

CVE-2012-1986 LOW Monitor

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with an authorized SSL key and. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Puppet Puppet Enterprise Puppet Enterprise Users
NVD
CVSS 2.0
2.1
EPSS
0.4%
CVE-2012-1906 Ruby LOW PATCH Monitor

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 uses predictable file names when installing Mac OS X packages from. Rated low severity (CVSS 3.3).

Privilege Escalation Puppet Puppet Enterprise Puppet Enterprise Users
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2012-1054 MEDIUM This Month

Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3, when managing a user login file with the k5login resource type, allows local. Rated medium severity (CVSS 4.4). No vendor patch available.

Privilege Escalation Puppet Puppet Enterprise Puppet Enterprise Users
NVD
CVSS 2.0
4.4
EPSS
0.1%
CVE-2012-1053 Ruby MEDIUM PATCH This Month

The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3. Rated medium severity (CVSS 6.9).

Privilege Escalation Puppet Puppet Enterprise Puppet Enterprise Users
NVD
CVSS 2.0
6.9
EPSS
0.0%
EPSS 0% CVSS 2.1
LOW Monitor

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with an authorized SSL key and. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Puppet Puppet Enterprise +1
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 uses predictable file names when installing Mac OS X packages from. Rated low severity (CVSS 3.3).

Privilege Escalation Puppet Puppet Enterprise +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3, when managing a user login file with the k5login resource type, allows local. Rated medium severity (CVSS 4.4). No vendor patch available.

Privilege Escalation Puppet Puppet Enterprise +1
NVD
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3. Rated medium severity (CVSS 6.9).

Privilege Escalation Puppet Puppet Enterprise +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy