CVE-2014-9355
published 2014-12-19CVE-2014-9355: Puppet Enterprise before 3.7.1 allows remote authenticated users to obtain licensing and certificate signing request information by leveraging access to an…
medium4CVSS 3.1
AVNACLAuSCPINAN
Puppet Enterprise before 3.7.1 allows remote authenticated users to obtain licensing and certificate signing request information by leveraging access to an unspecified API endpoint.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | puppet | — | — |
| puppet | puppet_enterprise | <= 3.7.0 | — |