Information Disclosure Vulnerability in Puppet Enterprise API Endpoint

Information Disclosure Vulnerability in Puppet Enterprise API Endpoint

CVE-2014-9355 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Puppet Enterprise before 3.7.1 allows remote authenticated users to obtain licensing and certificate signing request information by leveraging access to an unspecified API endpoint.

Learn more about our Api Penetration Testing.