CVE-2017-10689

In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:puppet:puppet:*:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:*:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

Configuration 3 (hide)

cpe:2.3:a:redhat:satellite:6.4:*:*:*:*:*:*:*

Information

Published : 2018-02-09 12:29

Updated : 2019-10-02 17:03


NVD link : CVE-2017-10689

Mitre link : CVE-2017-10689


JSON object : View

CWE
CWE-269

Improper Privilege Management

Advertisement

dedicated server usa

Products Affected

canonical

  • ubuntu_linux

puppet

  • puppet_enterprise
  • puppet

redhat

  • satellite