In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from. This was resolved in Puppet Agent 5.3.4, included in Puppet Enterprise 2017.3.4
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2018:2927 | Third Party Advisory |
https://puppet.com/security/cve/CVE-2017-10690 | Vendor Advisory |
Configurations
History
No history.
Information
Published : 2018-02-09 20:29
Updated : 2024-02-28 16:25
NVD link : CVE-2017-10690
Mitre link : CVE-2017-10690
CVE.ORG link : CVE-2017-10690
JSON object : View
Products Affected
puppet
- puppet_enterprise
- puppet
redhat
- satellite
CWE
CWE-269
Improper Privilege Management