CVE-2021-27025

Summary

A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'.

Affected Software

VendorProductVersion RangeStatus
n/aPuppet Enterprise, Puppet Agent- Puppet Enterprise prior to 2019.8.9, Puppet Enterprise prior to 2021.4.0, Puppet Agent prior to 6.25.1, Puppet Agent prior to 7.12.1, Puppet Agent 5.5.xaffected

Weaknesses

  • Silent Configuration Failure

ADP Enrichment

CVE Program Container

Additional References

References