Remote authenticated nodes can submit reports for other nodes in Puppet

Remote authenticated nodes can submit reports for other nodes in Puppet

CVE-2013-2275 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

The default configuration for puppet masters 0.25.0 and later in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, allows remote authenticated nodes to submit reports for other nodes via unspecified vectors.

Learn more about our Web Application Penetration Testing UK.