Vulnerabilities > Puppet

DATE CVE VULNERABILITY TITLE RISK
2019-03-21 CVE-2018-11747 Improper Certificate Validation vulnerability in Puppet Discovery
Previously, Puppet Discovery was shipped with a default generated TLS certificate in the nginx container.
network
low complexity
puppet CWE-295
7.5
2018-10-02 CVE-2018-11752 Insufficiently Protected Credentials vulnerability in Puppet Cisco IOS 0.1.0/0.2.0/0.3.0
Previous releases of the Puppet cisco_ios module output SSH session debug information including login credentials to a world readable file on every run.
local
low complexity
puppet CWE-522
2.1
2018-10-02 CVE-2018-11750 Improper Input Validation vulnerability in Puppet Cisco IOS Module
Previous releases of the Puppet cisco_ios module did not validate a host's identity before starting a SSH connection.
network
low complexity
puppet CWE-20
4.0
2018-10-02 CVE-2018-11748 Insufficiently Protected Credentials vulnerability in Puppet Device Manager
Previous releases of the Puppet device_manager module creates configuration files containing credentials that are world readable.
local
low complexity
puppet CWE-522
2.1
2018-07-03 CVE-2018-11746 Insufficiently Protected Credentials vulnerability in Puppet Discovery 1.0.0/1.0.1/1.1.0
In Puppet Discovery prior to 1.2.0, when running Discovery against Windows hosts, WinRM connections can fall back to using basic auth over insecure channels if a HTTPS server is not available.
network
low complexity
puppet CWE-522
5.0
2018-06-14 CVE-2018-6516 Unspecified vulnerability in Puppet Enterprise Client Tools
On Windows only, with a specifically crafted configuration file an attacker could get Puppet PE client tools (aka pe-client-tools) 16.4.x prior to 16.4.6, 17.3.x prior to 17.3.6, and 18.1.x prior to 18.1.2 to load arbitrary code with privilege escalation.
network
puppet microsoft
6.8
2018-06-11 CVE-2018-6515 Improper Input Validation vulnerability in Puppet
Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2 on Windows only, with a specially crafted configuration file an attacker could get pxp-agent to load arbitrary code with privilege escalation.
6.8
2018-06-11 CVE-2018-6514 Untrusted Search Path vulnerability in Puppet
In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x prior to 5.5.2, Facter on Windows is vulnerable to a DLL preloading attack, which could lead to a privilege escalation.
6.8
2018-06-11 CVE-2018-6513 Untrusted Search Path vulnerability in Puppet and Puppet Enterprise
Puppet Enterprise 2016.4.x prior to 2016.4.12, Puppet Enterprise 2017.3.x prior to 2017.3.7, Puppet Enterprise 2018.1.x prior to 2018.1.1, Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2, were vulnerable to an attack where an unprivileged user on Windows agents could write custom facts that can escalate privileges on the next puppet run.
network
low complexity
puppet CWE-426
6.5
2018-06-11 CVE-2018-6512 Code Injection vulnerability in Puppet Pe-Razor-Server, Puppet Enterprise and Razor-Server
The previous version of Puppet Enterprise 2018.1 is vulnerable to unsafe code execution when upgrading pe-razor-server.
network
low complexity
puppet CWE-94
7.5