Privilege Escalation Vulnerability in Puppet Agent on Windows
CVE-2018-6515 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2 on Windows only, with a specially crafted configuration file an attacker could get pxp-agent to load arbitrary code with privilege escalation.
Learn more about our Web Application Penetration Testing UK.