Vulnerabilities > Puppetlabs > Puppet Enterprise
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-02-13 | CVE-2016-2787 | Improper Access Control vulnerability in multiple products The Puppet Communications Protocol in Puppet Enterprise 2015.3.x before 2015.3.3 does not properly validate certificates for the broker node, which allows remote non-whitelisted hosts to prevent runs from triggering via unspecified vectors. | 5.0 |