CVE-2017-2296
N/A
N/A
Summary
In Puppet Enterprise 2017.1.x and 2017.2.1, using specially formatted strings with certain formatting characters as Classifier node group names or RBAC role display names causes errors, effectively causing a DOS to the service. This was resolved in Puppet Enterprise 2017.2.2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Puppet | Puppet Enterprise | 2017.1.x, 2017.2.1. Fixed in 2017.2.2 | affected |
Weaknesses
- Denial of Service
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.