Vulnerabilities > Puppet > Mcollective Puppet Agent
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-03 | CVE-2017-2290 | Incorrect Permission Assignment for Critical Resource vulnerability in Puppet Mcollective-Puppet-Agent 1.12.0 On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non-administrator user can create an executable that will be executed with administrator privileges on the next "mco puppet" run. | 8.8 |