CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-8470
https://notcve.org/view.php?id=CVE-2015-8470
11 Dec 2017 — The console in Puppet Enterprise 3.7.x, 3.8.x, and 2015.2.x does not set the secure flag for the JSESSIONID cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. La consola en Puppet Enterprise 3.7.x, 3.8.x y 2015.2.x no establece la marca secure para la cookie JSESSIONID en una sesión HTTPS. Esto facilita que atacantes remotos capturen esta cookie interceptando su transmisión en una sesión HTTP. • https://puppet.com/security/cve/CVE-2015-8470 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.2EPSS: 1%CPEs: 6EXPL: 0CVE-2016-5714 – Gentoo Linux Security Advisory 201710-12
https://notcve.org/view.php?id=CVE-2016-5714
13 Oct 2017 — Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0 allow remote attackers to bypass a host whitelist protection mechanism and execute arbitrary code on Puppet nodes via vectors related to command validation, aka "Puppet Execution Protocol (PXP) Command Whitelist Validation Vulnerability." Puppet Enterprise 2015.3.3 y 2016.x en versiones anteriores a la 2016.4.0 y Puppet Agent 1.3.6 hasta la versión 1.7.0 permite que atacantes remotos omitan un mecanismo de protección... • https://bugs.gentoo.org/597684 • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 1%CPEs: 12EXPL: 0CVE-2016-5716
https://notcve.org/view.php?id=CVE-2016-5716
09 Aug 2017 — The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 includes unsafe string reads that potentially allows for remote code execution on the console node. La consola en Puppet Enterprise en versiones 2015.x y 2016.x anteriores a la versión 2016.4.0 incluye lecturas de strings no seguros que podrían permitir que se ejecutase código de forma remota en el nodo de la consola. • https://puppet.com/security/cve/pe-console-oct-2016 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.5EPSS: 92%CPEs: 6EXPL: 15CVE-2017-7529 – nginx: Integer overflow in nginx range filter module leading to memory disclosure
https://notcve.org/view.php?id=CVE-2017-7529
13 Jul 2017 — Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. Las versiones desde la 0.5.6 hasta 1.13.2 incluyéndola de Nginx, son susceptibles a una vulnerabilidad de desbordamiento de enteros en el módulo filtro de rango de nginx, resultando en un filtrado de información potencialmente confidencial activada por una petición especialmente cre... • https://github.com/liusec/CVE-2017-7529 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2017-2294
https://notcve.org/view.php?id=CVE-2017-2294
05 Jul 2017 — Versions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 failed to mark MCollective server private keys as sensitive (a feature added in Puppet 4.6), so key values could be logged and stored in PuppetDB. These releases use the sensitive data type to ensure this won't happen anymore. Las versiones de Puppet Enterprise anteriores a 2016.4.5 o 2017.2.1, no pudieron marcar las claves privadas del servidor MCollective como confidenciales (una funcionalidad agregada en Puppet versión 4.6), ya que los valores d... • https://puppet.com/security/cve/cve-2017-2294 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-2787
https://notcve.org/view.php?id=CVE-2016-2787
13 Feb 2017 — The Puppet Communications Protocol in Puppet Enterprise 2015.3.x before 2015.3.3 does not properly validate certificates for the broker node, which allows remote non-whitelisted hosts to prevent runs from triggering via unspecified vectors. Puppet Communications Protocol en Puppet Enterprise 2015.3.x en versiones anteriores a 2015.3.3 no valida adecuadamente certificados para el nodo broker, lo que permite a anfitriones remotos no incluidos en la lista blanca prevenir que ejecuciones se desencadenen a travé... • https://puppet.com/security/cve/CVE-2016-2787 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 2%CPEs: 12EXPL: 0CVE-2016-2788
https://notcve.org/view.php?id=CVE-2016-2788
13 Feb 2017 — MCollective 2.7.0 and 2.8.x before 2.8.9, as used in Puppet Enterprise, allows remote attackers to execute arbitrary code via vectors related to the mco ping command. MCollective 2.7.0 y 2.8.x en versiones anteriores a 2.8.9, como se utiliza en Puppet Enterprise, permite a atacantes remotos ejecutar código arbitrario a través de vectores relacionados con el comando mco ping. • https://puppet.com/security/cve/cve-2016-2788 • CWE-284: Improper Access Control •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-9686
https://notcve.org/view.php?id=CVE-2016-9686
08 Feb 2017 — The Puppet Communications Protocol (PCP) Broker incorrectly validates message header sizes. An attacker could use this to crash the PCP Broker, preventing commands from being sent to agents. This is resolved in Puppet Enterprise 2016.4.3 and 2016.5.2. El Puppet Communications Protocol (PCP) Broker valida incorrectamente tamaños de la cabecera del mensaje. Un atacante podría utilizar ésto para bloquear el PCP Broker, evitando que se envíen comandos a los agentes. • https://puppet.com/security/cve/cve-2016-9686 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6501
https://notcve.org/view.php?id=CVE-2015-6501
12 Jan 2017 — Open redirect vulnerability in the Console in Puppet Enterprise before 2015.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the string parameter. La vulnerabilidad de redirección abierta en la Consola en Puppet Enterprise en versiones anteriores a 2015.2.1 permite a atacantes remotos redirigir a los usuarios a sitios web arbitrarios y llevar a cabo ataques de phishing a través de el parámetro string. • http://www.securityfocus.com/bid/93845 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 3CVE-2016-5715 – Puppet Enterprise Web Interface Open Redirect
https://notcve.org/view.php?id=CVE-2016-5715
22 Oct 2016 — Open redirect vulnerability in the Console in Puppet Enterprise 2015.x and 2016.x before 2016.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a // (slash slash) followed by a domain in the redirect parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6501. La vulnerabilidad de redirección abierta en la Consola en Puppet Enterprise 2015.x y 2016.x en versiones anteriores a 2016.4.0 permite a atacantes remotos redirigir a lo... • https://packetstorm.news/files/id/139302 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •