V
Scaner-VS
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
CVE-2011-0528
DEB
Medium

Puppet 2.6.0 through 2.6.3 does not properly restrict access to node resources, which allows remote authenticated Puppet nodes to read or m…

CVSS
5.5
Medium
EPSS
0.02
p73
Published
2011-01-01
Updated
2011-01-01
Description

Puppet 2.6.0 through 2.6.3 does not properly restrict access to node resources, which allows remote authenticated Puppet nodes to read or modify the resources of other nodes via unspecified vectors.

Tags · CWE
CWE-264
Affected products
Puppet
CVSS vector
AV:N/AC:L/Au:S/C:P/I:P/A:N
Timeline
2011-01-01
Published
2011-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Authentication
Au: S
Single
Confidentiality Impact
C: P
Partial
Integrity Impact
I: P
Partial
Availability Impact
A: N
None (N)
Exploit indicators
EPSS
0.017 · p73
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
ProductVendorStatus
puppetTracked
puppetTracked
puppetTracked
puppet*Tracked
Source databases
DEB
CVE
UBU