CVE-2014-9355

Опубликовано: 19 дек. 2014

Источник: nvd

CVSS2: 4

EPSS Низкий

Описание

Puppet Enterprise before 3.7.1 allows remote authenticated users to obtain licensing and certificate signing request information by leveraging access to an unspecified API endpoint.

Ссылки

http://puppetlabs.com/security/cve/cve-2014-9355
Vendor Advisory
http://secunia.com/advisories/61265
http://puppetlabs.com/security/cve/cve-2014-9355
Vendor Advisory
http://secunia.com/advisories/61265

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*

Версия до 3.7.0 (включая)

EPSS

Процентиль: 27%

0.00095

Низкий

4 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2014-9355

ubuntu

около 11 лет назад

Puppet Enterprise before 3.7.1 allows remote authenticated users to obtain licensing and certificate signing request information by leveraging access to an unspecified API endpoint.

CVE-2014-9355

debian

около 11 лет назад

Puppet Enterprise before 3.7.1 allows remote authenticated users to ob ...

GHSA-wrgx-77j9-vq8p

github

больше 3 лет назад

Puppet Enterprise before 3.7.1 allows remote authenticated users to obtain licensing and certificate signing request information by leveraging access to an unspecified API endpoint.

EPSS

Процентиль: 27%

0.00095

Низкий

4 Medium

CVSS2

Дефекты

CWE-200