CVE Vulnerabilities

CVE-2011-0528

Published: Feb 17, 2014 | Modified: Jul 10, 2019
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

Puppet 2.6.0 through 2.6.3 does not properly restrict access to node resources, which allows remote authenticated Puppet nodes to read or modify the resources of other nodes via unspecified vectors.

Affected Software

Name Vendor Start Version End Version
Puppet Puppet 2.6.0 (including) 2.6.0 (including)
Puppet Puppet 2.6.1 (including) 2.6.1 (including)
Puppet Puppet 2.6.2 (including) 2.6.2 (including)
Puppet Puppet 2.6.3 (including) 2.6.3 (including)
Puppet Ubuntu maverick *
Puppet Ubuntu natty *
Puppet Ubuntu oneiric *
Puppet Ubuntu upstream *

References