Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
puppetlabs mcollective - vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv2
CVE-2015-7331
The mcollective-puppet-agent plugin prior to 1.11.1 for Puppet allows remote malicious users to execute arbitrary code via vectors involving the --server argument.
Puppetlabs Mcollective-puppet-agent
4.4
CVSSv2
CVE-2014-3251
The MCollective aes_security plugin, as used in Puppet Enterprise prior to 3.3.0 and Mcollective prior to 2.5.3, does not properly validate new server certificates based on the CA certificate, which allows local users to establish unauthorized Mcollective connections via unspecif...
Puppet Puppet Enterprise
Puppetlabs Mcollective -
6.2
CVSSv2
CVE-2014-3248
Untrusted search path vulnerability in Puppet Enterprise 2.8 prior to 2.8.7, Puppet prior to 2.7.26 and 3.x prior to 3.6.2, Facter 1.6.x and 2.x prior to 2.0.2, Hiera prior to 1.3.4, and Mcollective prior to 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to ga...
Puppetlabs Facter
Puppet Facter 2.0.1
Puppet Facter 2.0.0
Puppet Marionette Collective
Puppet Hiera
Puppet Puppet
Puppet Puppet Enterprise
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started