1 results (0.004 seconds)
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2290
https://notcve.org/view.php?id=CVE-2017-2290
03 Mar 2017 — On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non-administrator user can create an executable that will be executed with administrator privileges on the next "mco puppet" run. Puppet Enterprise users are not affected. This is resolved in mcollective-puppet-agent 1.12.1. En instalaciones de Windows del plugin mcollective-puppet-agent, versión 1.12.0, un usuario no administrador puede crear un ejecutable que será ejecutado con privilegios de administrador en la siguiente e... • http://www.securityfocus.com/bid/96583 • CWE-732: Incorrect Permission Assignment for Critical Resource •