Описание
In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability.
Ссылки
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.3.4 (исключая)Версия от 1.10.0 (включая) до 1.10.10 (исключая)Версия до 2016.4.10 (исключая)Версия от 2017.1.0 (включая) до 2017.3.4 (исключая)
Одно из
cpe:2.3:a:puppet:puppet:*:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:*:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Конфигурация 3
cpe:2.3:a:redhat:satellite:6.4:*:*:*:*:*:*:*
EPSS
Процентиль: 26%
0.00092
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-269
Связанные уязвимости
CVSS3: 5.5
ubuntu
почти 8 лет назад
In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability.
CVSS3: 2.8
redhat
больше 8 лет назад
In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability.
CVSS3: 5.5
debian
почти 8 лет назад
In previous versions of Puppet Agent it was possible to install a modu ...
EPSS
Процентиль: 26%
0.00092
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-269