CVE-2023-5255

Опубликовано: 03 окт. 2023

Источник: redhat

CVSS3: 7.5

EPSS Низкий

Описание

For certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked.

An improper resource release vulnerability was found in puppet. For certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Satellite 6	puppetserver	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-404

https://bugzilla.redhat.com/show_bug.cgi?id=2242146puppet: Denial of Service for Revocation of Auto Renewed Certificates

EPSS

Процентиль: 34%

0.00136

Низкий

7.5 High

CVSS3

Связанные уязвимости

CVE-2023-5255

CVSS3: 4.4

ubuntu

больше 2 лет назад

For certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked.

CVE-2023-5255

CVSS3: 4.4

nvd

больше 2 лет назад

For certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked.

CVE-2023-5255

CVSS3: 4.4

debian

больше 2 лет назад

For certificates that utilize the auto-renew feature in Puppet Server, ...

GHSA-q3vx-5wxp-g986

CVSS3: 4.4

github

больше 2 лет назад

For certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked.

EPSS

Процентиль: 34%

0.00136

Низкий

7.5 High

CVSS3