Puppet : Security Vulnerabilities, CVEs, Published In 2016 (Bypass)
Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before 4.4.2 and in Puppet Agent before 1.4.2 might allow remote attackers to bypass intended auth.conf access restrictions by leveraging incorrect URL decoding.
Max CVSS
9.8
EPSS Score
0.62%
Published
2016-06-10
Updated
2021-09-09
1 vulnerabilities found