Описание
Puppet 2.6.x before 2.6.18 and Puppet Enterprise 1.2.x before 1.2.7 allows remote authenticated users to execute arbitrary code on the puppet master, or an agent with puppet kick enabled, via a crafted request for a report.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat CloudForms Tools 1 | puppet | Will not fix | ||
| Red Hat OpenStack Platform 2.1 | puppet | Affected | ||
| Red Hat Subscription Asset Manager | puppet | Affected | ||
| OpenStack Folsom for RHEL 6 | puppet | Fixed | RHSA-2013:0710 | 04.04.2013 |
Показывать по
Дополнительная информация
Статус:
6.5 Medium
CVSS2
Связанные уязвимости
Puppet 2.6.x before 2.6.18 and Puppet Enterprise 1.2.x before 1.2.7 allows remote authenticated users to execute arbitrary code on the puppet master, or an agent with puppet kick enabled, via a crafted request for a report.
Puppet 2.6.x before 2.6.18 and Puppet Enterprise 1.2.x before 1.2.7 allows remote authenticated users to execute arbitrary code on the puppet master, or an agent with puppet kick enabled, via a crafted request for a report.
Puppet 2.6.x before 2.6.18 and Puppet Enterprise 1.2.x before 1.2.7 al ...
Puppet 2.6.x before 2.6.18 and Puppet Enterprise 1.2.x before 1.2.7 allows remote authenticated users to execute arbitrary code on the puppet master, or an agent with puppet kick enabled, via a crafted request for a report.
Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
6.5 Medium
CVSS2