129 results (0.005 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

In versions of the PEADM Forge Module prior to 3.24.0 a security misconfiguration was discovered. • https://portal.perforce.com/s/detail/a91PA000001SXN3YAO • CWE-295: Improper Certificate Validation •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken session management for SAML implementations. Las versiones de Puppet Enterprise anteriores a 2021.7.6 y 2023.5 contienen una falla que resulta en una gestión de sesiones interrumpida para las implementaciones de SAML. • https://www.puppet.com/security/cve/cve-2023-5309-broken-session-management-puppet-enterprise • CWE-384: Session Fixation •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

In Puppet Bolt versions prior to 3.27.4, a path to escalate privileges was identified. En las versiones de Puppet Bolt anteriores a la 3.27.4, se identificó una ruta para escalar privilegios. • https://www.puppet.com/security/cve/cve-2023-5214-privilege-escalation-puppet-bolt • CWE-269: Improper Privilege Management •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

For certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked. Para los certificados que utilizan la función de renovación automática en Puppet Server, existe una falla que impide que los certificados sean revocados. • https://www.puppet.com/security/cve/cve-2023-5255-denial-service-revocation-auto-renewed-certificates • CWE-404: Improper Resource Shutdown or Release •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0

A privilege escalation allowing remote code execution was discovered in the orchestration service. • https://www.puppet.com/security/cve/cve-2023-2530-remote-code-execution-orchestrator •