Puppet Enterprise vulnerabilities
89 known vulnerabilities affecting puppet/puppet_enterprise.
Total CVEs
89
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL9HIGH18MEDIUM51LOW11
Vulnerabilities
Page 5 of 5
CVE-2014-3251P4MEDIUMCVSS 4.4≤ 3.2.02014-08-12
CVE-2014-3251 [MEDIUM] CWE-362 CVE-2014-3251: The MCollective aes_security plugin, as used in Puppet Enterprise before 3.3.0 and Mcollective befor
The MCollective aes_security plugin, as used in Puppet Enterprise before 3.3.0 and Mcollective before 2.5.3, does not properly validate new server certificates based on the CA certificate, which allows local users to establish unauthorized Mcollective connections via unspecified vectors related to a race condition.
nvd
CVE-2011-3872P4LOWCVSS 2.6v1.2.0v1.2.1+2 more2011-10-27
CVE-2011-3872 [LOW] CWE-20 CVE-2011-3872: Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.
Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack agai
nvd
CVE-2012-3408P4LOWCVSS 2.6fixed in 2.5.22012-08-06
CVE-2012-3408 [LOW] CWE-287 CVE-2012-3408: lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet Enterprise before 2.5.2, support
lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet Enterprise before 2.5.2, supports use of IP addresses in certnames without warning of potential risks, which might allow remote attackers to spoof an agent by acquiring a previously used IP address.
nvd
CVE-2012-1989P4LOWCVSS 3.6v1.2.0v1.2.1+7 more2012-06-27
CVE-2012-1989 [LOW] CWE-264 CVE-2012-1989: telnet.rb in Puppet 2.7.x before 2.7.13 and Puppet Enterprise (PE) 1.2.x, 2.0.x, and 2.5.x before 2.
telnet.rb in Puppet 2.7.x before 2.7.13 and Puppet Enterprise (PE) 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows local users to overwrite arbitrary files via a symlink attack on the NET::Telnet connection log (/tmp/out.log).
nvd
CVE-2012-1906P4LOWCVSS 3.3v2.5.0v1.2.0+7 more2012-05-29
CVE-2012-1906 [LOW] CWE-264 CVE-2012-1906: Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 uses predictable file names when installing Mac OS X packages from a remote source, which allows local users to overwrite arbitrary files or install arbitrary packages via a symlink attack on a temporary file in /tmp.
nvd
CVE-2013-4956P4LOWCVSS 3.6v2.8.0v2.8.1+2 more2013-08-20
CVE-2013-4956 [LOW] CWE-264 CVE-2013-4956: Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet E
Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, installs modules with weak permissions if those permissions were used when the modules were originally built, which might allow local users to read or modify those modules depending on the original permi
nvd
CVE-2013-4969P4LOWCVSS 2.1≥ 2.0.0, < 2.8.4≥ 3.1, < 3.1.12014-01-07
CVE-2013-4969 [LOW] CWE-59 CVE-2013-4969: Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.
Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files.
nvd
CVE-2012-3866P4LOWCVSS 2.1≤ 2.5.12012-08-06
CVE-2012-3866 [LOW] CWE-264 CVE-2012-3866: lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644
lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for last_run_report.yaml, which allows local users to obtain sensitive configuration information by leveraging access to the puppet master server to read this file.
nvd
CVE-2013-4959P4LOWCVSS 2.1≤ 3.0.0v2.5.1+5 more2013-08-20
CVE-2013-4959 [LOW] CWE-200 CVE-2013-4959: Puppet Enterprise before 3.0.1 uses HTTP responses that contain sensitive information without the "n
Puppet Enterprise before 3.0.1 uses HTTP responses that contain sensitive information without the "no-cache" setting, which might allow local users to obtain sensitive information such as (1) host name, (2) MAC address, and (3) SSH keys via the web browser cache.
nvd
← Previous5 / 5