Security bypass vulnerability in the default configuration for puppet masters in PuppetID: oval:org.secpod.oval:def:10648 | Date: (C)2013-04-08 (M)2022-01-24 |
Class: VULNERABILITY | Family: macos |
The host is installed with Puppet 2.x before 2.6.18, 2.7.x before 2.7.21, 3.1.x before 3.1.1 and is prone to security bypass vulnerability. A flaw is present in the applications, which fail to handle the default configuration for puppet masters. Successful exploitation allows remote authenticated nodes to submit reports for other nodes via unspecified vectors.
Platform: |
Apple Mac OS X 10.8 |
Apple Mac OS X 10.9 |
Apple Mac OS X 10.10 |
Apple Mac OS X Server 10.8 |
Apple Mac OS X Server 10.9 |
Apple Mac OS X Server 10.10 |