cbcvebase.

Puppet Enterprise vulnerabilities

89 known vulnerabilities affecting puppet/puppet_enterprise.

Total CVEs
89
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL9HIGH18MEDIUM51LOW11

Vulnerabilities

Page 3 of 5
CVE-2013-1654P4MEDIUMCVSS 5.0v3.1.02013-03-20
CVE-2013-1654 [MEDIUM] CVE-2013-1654: Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does no Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to conduct SSLv2 downgrade attacks against SSLv3 sessions via unspecified vectors.
nvd
CVE-2013-1652P4MEDIUMCVSS 4.9v3.1.0v2.7.0+1 more2013-03-20
CVE-2013-1652 [MEDIUM] CWE-264 CVE-2013-1652: Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2. Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users with a valid certificate and private key to read arbitrary catalogs or poison the master's cache via unspecified vectors.
nvd
CVE-2013-1399P4MEDIUMCVSS 6.8≤ 2.7.0v2.0.0+2 more2014-03-14
CVE-2013-1399 [MEDIUM] CWE-352 CVE-2013-1399: Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) node request management, (2) l Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) node request management, (2) live management, and (3) user administration components in the console in Puppet Enterprise (PE) before 2.7.1 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
nvd
CVE-2016-5715P4MEDIUMCVSS 6.1≥ 2015.2.0, ≤ 2015.3.3≥ 2016.1.1, ≤ 2016.4.02017-01-12
CVE-2016-5715 [MEDIUM] CVE-2016-5715: Open redirect vulnerability in the Console in Puppet Enterprise 2015.x and 2016.x before 2016.4.0 al Open redirect vulnerability in the Console in Puppet Enterprise 2015.x and 2016.x before 2016.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a // (slash slash) followed by a domain in the redirect parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6501.
nvd
CVE-2017-2293P4MEDIUMCVSS 4.9fixed in 2016.4.5v2016.5.1+4 more2018-02-01
CVE-2017-2293 [MEDIUM] CVE-2017-2293: Versions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 shipped with an MCollective configuratio Versions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 shipped with an MCollective configuration that allowed the package plugin to install or remove arbitrary packages on all managed agents. This release adds default configuration to not allow these actions. Customers who rely on this functionality can change this policy.
nvd
CVE-2013-4963P4MEDIUMCVSS 6.8≤ 3.0.0v1.0+12 more2014-03-14
CVE-2013-4963 [MEDIUM] CWE-352 CVE-2013-4963: Multiple cross-site request forgery (CSRF) vulnerabilities in Puppet Enterprise (PE) before 3.0.1 al Multiple cross-site request forgery (CSRF) vulnerabilities in Puppet Enterprise (PE) before 3.0.1 allow remote attackers to hijack the authentication of users for requests that deleting a (1) report, (2) group, or (3) class or possibly have other unspecified impact.
nvd
CVE-2016-9686P4MEDIUMCVSS 5.3≥ 2016.4.0, < 2016.4.3v2016.5.1+3 more2017-02-08
CVE-2016-9686 [MEDIUM] CWE-20 CVE-2016-9686: The Puppet Communications Protocol (PCP) Broker incorrectly validates message header sizes. An attac The Puppet Communications Protocol (PCP) Broker incorrectly validates message header sizes. An attacker could use this to crash the PCP Broker, preventing commands from being sent to agents. This is resolved in Puppet Enterprise 2016.4.3 and 2016.5.2.
nvd
CVE-2012-1053P4MEDIUMCVSS 6.9v1.2.0v1.2.1+6 more2012-05-29
CVE-2012-1053 [MEDIUM] CWE-264 CVE-2012-1053: The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2. The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors related to (1) the change_user not dropping supplementa
nvd
CVE-2013-4762P4MEDIUMCVSS 5.8≤ 3.0.0v2.5.1+5 more2013-08-20
CVE-2013-4762 [MEDIUM] CWE-20 CVE-2013-4762: Puppet Enterprise before 3.0.1 does not sufficiently invalidate a session when a user logs out, whic Puppet Enterprise before 3.0.1 does not sufficiently invalidate a session when a user logs out, which might allow remote attackers to hijack sessions by obtaining an old session ID.
nvd
CVE-2013-4962P4MEDIUMCVSS 5.8≤ 3.0.0v2.5.1+5 more2013-08-20
CVE-2013-4962 [MEDIUM] CWE-255 CVE-2013-4962: The reset password page in Puppet Enterprise before 3.0.1 does not force entry of the current passwo The reset password page in Puppet Enterprise before 3.0.1 does not force entry of the current password, which allows attackers to modify user passwords by leveraging session hijacking, an unattended workstation, or other vectors.
nvd
CVE-2016-2787P4MEDIUMCVSS 5.3v2015.3.22017-02-13
CVE-2016-2787 [MEDIUM] CWE-284 CVE-2016-2787: The Puppet Communications Protocol in Puppet Enterprise 2015.3.x before 2015.3.3 does not properly v The Puppet Communications Protocol in Puppet Enterprise 2015.3.x before 2015.3.3 does not properly validate certificates for the broker node, which allows remote non-whitelisted hosts to prevent runs from triggering via unspecified vectors.
nvd
CVE-2023-1894P4MEDIUMCVSS 5.3v2021.7.1v2023.0+2 more2023-05-04
CVE-2023-1894 [MEDIUM] CWE-1333 CVE-2023-1894: A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certifica A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations.
nvd
CVE-2013-4968P4MEDIUMCVSS 6.1≥ 2.0.0, < 3.0.12019-12-11
CVE-2013-4968 [MEDIUM] CWE-79 CVE-2013-4968: Puppet Enterprise before 3.0.1 allows remote attackers to (1) conduct clickjacking attacks via unspe Puppet Enterprise before 3.0.1 allows remote attackers to (1) conduct clickjacking attacks via unspecified vectors related to the console, and (2) conduct cross-site scripting (XSS) attacks via unspecified vectors related to "live management."
nvd
CVE-2018-6511P4MEDIUMCVSS 5.4fixed in 2017.3.6≥ 2017.3.x, < 2017.3.62018-05-08
CVE-2018-6511 [MEDIUM] CWE-79 CVE-2018-6511: A cross-site scripting vulnerability in Puppet Enterprise Console of Puppet Enterprise allows a user A cross-site scripting vulnerability in Puppet Enterprise Console of Puppet Enterprise allows a user to inject scripts into the Puppet Enterprise Console when using the Puppet Enterprise Console. Affected releases are Puppet Puppet Enterprise: 2017.3.x versions prior to 2017.3.6.
nvd
CVE-2018-6510P4MEDIUMCVSS 5.4fixed in 2017.3.6≥ 2017.3.x, < 2017.3.62018-05-08
CVE-2018-6510 [MEDIUM] CWE-79 CVE-2018-6510: A cross-site scripting vulnerability in Puppet Enterprise Console of Puppet Enterprise allows a user A cross-site scripting vulnerability in Puppet Enterprise Console of Puppet Enterprise allows a user to inject scripts into the Puppet Enterprise Console when using the Orchestrator. Affected releases are Puppet Puppet Enterprise: 2017.3.x versions prior to 2017.3.6.
nvd
CVE-2013-2716P4MEDIUMCVSS 5.0≤ 2.7.2v2.0.0+2 more2013-04-10
CVE-2013-2716 [MEDIUM] CWE-310 CVE-2013-2716: Puppet Labs Puppet Enterprise before 2.8.0 does not use a "randomized secret" in the CAS client conf Puppet Labs Puppet Enterprise before 2.8.0 does not use a "randomized secret" in the CAS client config file (cas_client_config.yml) when upgrading from older 1.2.x or 2.0.x versions, which allows remote attackers to obtain console access via a crafted cookie.
nvd
CVE-2021-27022P4MEDIUMCVSS 4.9fixed in 2019.8.8v2019.8.72021-09-07
CVE-2021-27022 [MEDIUM] CWE-532 CVE-2021-27022: A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes (inventory service nodes).
nvd
CVE-2012-3864P4MEDIUMCVSS 4.0≤ 2.5.12012-08-06
CVE-2012-3864 [MEDIUM] CWE-200 CVE-2012-3864: Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote auth Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user's certificate and private key in a GET request.
nvd
CVE-2015-6502P4MEDIUMCVSS 6.1fixed in 2015.2.12017-12-11
CVE-2015-6502 [MEDIUM] CWE-79 CVE-2015-6502: Cross-site scripting (XSS) vulnerability in the console in Puppet Enterprise before 2015.2.1 allows Cross-site scripting (XSS) vulnerability in the console in Puppet Enterprise before 2015.2.1 allows remote attackers to inject arbitrary web script or HTML via the string parameter, related to Login Redirect.
nvd
CVE-2014-3248P4MEDIUMCVSS 6.2≥ 2.8.0, < 2.8.72014-11-16
CVE-2014-3248 [MEDIUM] CWE-17 CVE-2014-3248: Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated
nvd
Puppet Enterprise vulnerabilities | cvebase