V
Scaner-VS
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
CVE-2014-7170
DEB
Low

Race condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by accessing it in between package installation or…

CVSS
1.9
Low
EPSS
0.00
p13
Published
2014-01-01
Updated
2014-01-01
Description

Race condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by accessing it in between package installation or upgrade and the start of the service.

Tags · CWE
CWE-362
CAPEC-26
CAPEC-29
Affected products
Puppet_server
CVSS vector
AV:L/AC:M/Au:N/C:P/I:N/A:N
Timeline
2014-01-01
Published
2014-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: L
Local (L)
Attack Complexity
AC: M
Medium
Authentication
Au: N
None (N)
Confidentiality Impact
C: P
Partial
Integrity Impact
I: N
None (N)
Availability Impact
A: N
None (N)
Exploit indicators
EPSS
0.002 · p13
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
ProductVendorStatus
puppetserverTracked
puppet_server*Tracked
Source databases
DEB
CVE