Vulnerabilities > Puppetlabs > Puppet Enterprise

DATE CVE VULNERABILITY TITLE RISK
2017-02-13 CVE-2016-2787 Improper Access Control vulnerability in multiple products
The Puppet Communications Protocol in Puppet Enterprise 2015.3.x before 2015.3.3 does not properly validate certificates for the broker node, which allows remote non-whitelisted hosts to prevent runs from triggering via unspecified vectors.
network
low complexity
puppet puppetlabs CWE-284
5.0