Remote authenticated nodes can submit reports for other nodes in Puppet
CVE-2013-2275 · MEDIUM Severity
AV:N/AC:L/AU:S/C:N/I:P/A:N
The default configuration for puppet masters 0.25.0 and later in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, allows remote authenticated nodes to submit reports for other nodes via unspecified vectors.
Learn more about our Web Application Penetration Testing UK.