Denial of Service Vulnerability in Puppet Enterprise 2017.1.x and 2017.2.1
CVE-2017-2296 · MEDIUM Severity
AV:N/AC:L/AU:S/C:N/I:N/A:P
In Puppet Enterprise 2017.1.x and 2017.2.1, using specially formatted strings with certain formatting characters as Classifier node group names or RBAC role display names causes errors, effectively causing a DOS to the service. This was resolved in Puppet Enterprise 2017.2.2.
Learn more about our Web Application Penetration Testing UK.