World-Writable Module Installation Vulnerability in Previous Versions of Puppet Agent

World-Writable Module Installation Vulnerability in Previous Versions of Puppet Agent

CVE-2017-10689 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability.

Learn more about our Web Application Penetration Testing UK.