The host is installed with Puppet 2.6.x before 2.6.18, 2.7.x before 2.7.21, 3.1.x before 3.1.1 or Puppet Enterprise before 1.2.7 or 2.7.x before 2.7.2 and is prone to security bypass vulnerability. A flaw is present in the applications, which fail to handle the default configuration for puppet masters. Successful exploitation allows remote authenticated nodes to submit reports for other nodes via ...