Puppetlabs Puppet Vulnerabilità

Sequenza temporale

L'anno scorso

Versione

2.5.120
2.7.018
2.7.217
2.7.116
3.0.015

Contromisure

Official Fix50
Temporary Fix0
Workaround0
Unavailable0
Not Defined4

Sfruttabilità

High0
Functional0
Proof-of-Concept0
Unproven0
Not Defined54

Accesso al vettore

Not Defined0
Physical0
Local14
Adjacent3
Network37

Autenticazione

Not Defined0
High1
Low16
None37

Interazione dell'utente

Not Defined0
Required10
None44

C3BM Index

L'anno scorso

CVSSv3 Base

≤10
≤20
≤31
≤47
≤511
≤618
≤76
≤86
≤93
≤102

CVSSv3 Temp

≤10
≤20
≤32
≤46
≤514
≤619
≤74
≤85
≤92
≤102

VulDB

≤10
≤20
≤32
≤48
≤510
≤618
≤75
≤86
≤93
≤102

NVD

≤10
≤20
≤30
≤40
≤50
≤61
≤70
≤81
≤90
≤101

CNA

≤10
≤20
≤30
≤40
≤51
≤60
≤71
≤80
≤90
≤100

Fornitore

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 giorni

<1k7
<2k19
<5k28
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploiter aujourd'hui

<1k54
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Sfrutta il volume del mercato

L'anno scorso

🔴 CTI Attività

Affected Versions (81): 0.2, 0.25, 0.25.1, 0.25.2, 0.25.3, 0.25.4, 0.25.5, 0.25.6, 1, 1.0, 1.1, 1.2, 1.2.1, 1.2.2, 1.3.3, 1.6.18, 2, 2.0.1, 2.0.2, 2.0.3, 2.5, 2.5.1, 2.5.2, 2.6, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.7, 2.7.1, 2.7.2, 2.7.3, 2.7.4, 2.7.5, 2.7.6, 2.7.7, 2.7.8, 2.7.9, 2.7.11, 2.7.12, 2.7.13, 2.7.14, 2.7.16, 2.7.17, 2.7.18, 2.7.19, 2.7.21, 2.7.22, 2.7.26, 2.8, 2.8.1, 2.8.2, 2.8.3, 2.8.4, 2.8.5, 2.8.6, 3, 3.0.1, 3.1, 3.1.1, 3.2, 3.2.1, 3.2.2, 3.2.3, 3.6.1, 3.27, 3.27.1, 3.27.2, 3.27.3

Link to Product Website: https://puppet.com/

Tipo di software: Service Management Software

Data di pubblicazioneBaseTempVulnerabilità0dayOggiSfrConCTICVE
07/10/20237.06.9Puppetlabs Puppet Bolt escalazione di privilegi$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2023-5214
04/10/20234.74.7Puppetlabs Puppet Server Certificate denial of service$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2023-5255
04/05/20234.44.3Puppetlabs Puppet Server Certificate Name denial of service$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-1894
18/11/20212.62.6Puppetlabs Puppet Agent/Puppet Server HTTP Redirect rivelazione di un 'informazione$0-$5k$0-$5kNot DefinedNot Defined0.02CVE-2021-27023
19/12/20144.34.1Puppetlabs Puppet Licensing rivelazione di un 'informazione$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2014-9355
17/12/20144.04.0Puppetlabs Puppet Server Installation race condition$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2014-7170
16/11/20147.47.1Puppetlabs Puppet Privileges Local Privilege Escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2014-3248
12/08/20145.95.7Puppetlabs Puppet Certificates race condition$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2014-3251
17/06/20145.35.1Puppetlabs Puppet rivelazione di un 'informazione$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2014-3249
14/03/20146.36.0Puppetlabs Puppet cross site request forgery$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2013-4963

44 non vengono visualizzate più voci

🔒 Login Required

You need to signup and login to see more of the remaining 44 results.

altre voci di Puppetlabs

PrecedenteVisione D'insiemeIl prossimo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!