CVE-2017-2296
published 2018-02-01CVE-2017-2296: In Puppet Enterprise 2017.1.x and 2017.2.1, using specially formatted strings with certain formatting characters as Classifier node group names or RBAC role…
medium6.5CVSS 3.0
AVNACLPRLUINSUCNINAH
In Puppet Enterprise 2017.1.x and 2017.2.1, using specially formatted strings with certain formatting characters as Classifier node group names or RBAC role display names causes errors, effectively causing a DOS to the service. This was resolved in Puppet Enterprise 2017.2.2.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | puppet | — | — |
| puppet | puppet_enterprise | — | — |
| puppet | puppet_enterprise | — | — |
| puppet | puppet_enterprise | — | — |
| puppet | puppet_enterprise | — | — |