Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
puppet puppet enterprise 2015.3.2 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-2786
The pxp-agent component in Puppet Enterprise 2015.3.x prior to 2015.3.3 and Puppet Agent 1.3.x prior to 1.3.6 does not properly validate server certificates, which might allow remote malicious users to spoof brokers and execute arbitrary commands via a crafted certificate.
Puppet Puppet Agent 1.3.0
Puppet Puppet Agent 1.3.1
Puppet Puppet Agent 1.3.2
Puppet Puppet Agent 1.3.4
Puppet Puppet Agent 1.3.5
Puppet Puppet Enterprise 2015.3.0
Puppet Puppet Enterprise 2015.3.2
6.5
CVSSv2
CVE-2016-5716
The console in Puppet Enterprise 2015.x and 2016.x before 2016.4.0 includes unsafe string reads that potentially allows for remote code execution on the console node.
Puppet Puppet Enterprise 2015.3.2
Puppet Puppet Enterprise 2015.2.3
Puppet Puppet Enterprise 2015.2.0
Puppet Puppet Enterprise 2015.3.3
Puppet Puppet Enterprise 2016.2.1
Puppet Puppet Enterprise 2016.2.0
Puppet Puppet Enterprise 2016.1.1
Puppet Puppet Enterprise 2015.3.1
Puppet Puppet Enterprise 2015.2.1
Puppet Puppet Enterprise 2016.1.2
Puppet Puppet Enterprise 2015.3.0
Puppet Puppet Enterprise 2015.2.2
5
CVSSv2
CVE-2016-2787
The Puppet Communications Protocol in Puppet Enterprise 2015.3.x prior to 2015.3.3 does not properly validate certificates for the broker node, which allows remote non-whitelisted hosts to prevent runs from triggering via unspecified vectors.
Puppetlabs Puppet Enterprise 2015.3
Puppet Puppet Enterprise 2015.3.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started