Puppet Enterprise before 3.2.0 does not properly restrict access to node endpoints in the console, which allows remote attackers to obtain sensitive information via unspecified vectors.
Publish Date : 2014-03-09 Last Update Date : 2019-07-10
Puppet Enterprise before 3.2.0 does not properly restrict access to node endpoints in the console
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify
a vulnerability or a missing patch. Check out the OVAL definitions
if you want to learn what you should do to verify a vulnerability.