Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
puppet puppet enterprise 2015.3.2 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-2787
The Puppet Communications Protocol in Puppet Enterprise 2015.3.x prior to 2015.3.3 does not properly validate certificates for the broker node, which allows remote non-whitelisted hosts to prevent runs from triggering via unspecified vectors.
Puppetlabs Puppet Enterprise 2015.3
Puppet Puppet Enterprise 2015.3.2
7.5
CVSSv2
CVE-2016-2786
The pxp-agent component in Puppet Enterprise 2015.3.x prior to 2015.3.3 and Puppet Agent 1.3.x prior to 1.3.6 does not properly validate server certificates, which might allow remote malicious users to spoof brokers and execute arbitrary commands via a crafted certificate.
Puppet Puppet Agent 1.3.0
Puppet Puppet Agent 1.3.1
Puppet Puppet Agent 1.3.2
Puppet Puppet Agent 1.3.4
Puppet Puppet Agent 1.3.5
Puppet Puppet Enterprise 2015.3.0
Puppet Puppet Enterprise 2015.3.2
6.5
CVSSv2
CVE-2016-5716
The console in Puppet Enterprise 2015.x and 2016.x before 2016.4.0 includes unsafe string reads that potentially allows for remote code execution on the console node.
Puppet Puppet Enterprise 2015.3.2
Puppet Puppet Enterprise 2015.2.3
Puppet Puppet Enterprise 2015.2.0
Puppet Puppet Enterprise 2015.3.3
Puppet Puppet Enterprise 2016.2.1
Puppet Puppet Enterprise 2016.2.0
Puppet Puppet Enterprise 2016.1.1
Puppet Puppet Enterprise 2015.3.1
Puppet Puppet Enterprise 2015.2.1
Puppet Puppet Enterprise 2016.1.2
Puppet Puppet Enterprise 2015.3.0
Puppet Puppet Enterprise 2015.2.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started