CVE-2017-10690
N/A
N/A
Summary
In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from. This was resolved in Puppet Agent 5.3.4, included in Puppet Enterprise 2017.3.4
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Puppet | Puppet Enterprise | 2017.3.x prior to 2017.3.4 | affected |
| Puppet | Puppet Agent | 5.x prior to 5.3.4 | affected |
Weaknesses
- Privilege Escalation
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.