CVE-2011-0528

EPSS 0.27%
Published 17.02.2014 16:55:04
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

Puppet 2.6.0 through 2.6.3 does not properly restrict access to node resources, which allows remote authenticated Puppet nodes to read or modify the resources of other nodes via unspecified vectors.

Affected products Warnungen 0 Metrics 2 CWE 0 References 7

Data is provided by the National Vulnerability Database (NVD)

Puppet ≫ Puppet Version2.6.0

Puppet ≫ Puppet Version2.6.1

Puppet ≫ Puppet Version2.6.2

Puppet ≫ Puppet Version2.6.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.27%	0.47

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	8	4.9	AV:N/AC:L/Au:S/C:P/I:P/A:N

http://www.mail-archive.com/puppet-users%40googlegroups.com/msg16429.html

http://www.openwall.com/lists/oss-security/2011/01/27/6

http://www.openwall.com/lists/oss-security/2011/01/31/5

http://www.ubuntu.com/usn/USN-1365-1

https://nvd.nist.gov/vuln/detail/CVE-2011-0528

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-0528

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-0528

EUVD