Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
puppet puppet enterprise 2015.2.1 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2015-6502
Cross-site scripting (XSS) vulnerability in the console in Puppet Enterprise prior to 2015.2.1 allows remote malicious users to inject arbitrary web script or HTML via the string parameter, related to Login Redirect.
Puppet Puppet Enterprise
578
VMScore
CVE-2016-5716
The console in Puppet Enterprise 2015.x and 2016.x before 2016.4.0 includes unsafe string reads that potentially allows for remote code execution on the console node.
Puppet Puppet Enterprise 2015.3.2
Puppet Puppet Enterprise 2015.2.3
Puppet Puppet Enterprise 2015.2.0
Puppet Puppet Enterprise 2015.3.3
Puppet Puppet Enterprise 2016.2.1
Puppet Puppet Enterprise 2016.2.0
Puppet Puppet Enterprise 2016.1.1
Puppet Puppet Enterprise 2015.3.1
Puppet Puppet Enterprise 2015.2.1
Puppet Puppet Enterprise 2016.1.2
Puppet Puppet Enterprise 2015.3.0
Puppet Puppet Enterprise 2015.2.2
516
VMScore
CVE-2015-6501
Open redirect vulnerability in the Console in Puppet Enterprise prior to 2015.2.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via the string parameter.
Puppet Puppet Enterprise
169
VMScore
CVE-2015-7328
Puppet Server in Puppet Enterprise prior to 3.8.x prior to 3.8.3 and 2015.2.x prior to 2015.2.3 uses world-readable permissions for the private key of the Certification Authority (CA) certificate during the initial installation and configuration, which might allow local users to ...
Puppet Puppet Enterprise 2015.2.0
Puppet Puppet Enterprise 2015.2.2
Puppet Puppet Enterprise 2015.2.1
Puppet Puppet Enterprise 3.8.2
Puppet Puppet Enterprise 3.8.0
Puppet Puppet Enterprise 3.8.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started