Back to search
CVE-2017-10690
Published: Feb 9, 2018
Modified: Sep 16, 2024
PUBLISHED
Description
In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from. This was resolved in Puppet Agent 5.3.4, included in Puppet Enterprise 2017.3.4
| Vendor | Product | Versions |
|---|---|---|
Puppet | Puppet Enterprise | affected 2017.3.x prior to 2017.3.4 |
Puppet | Puppet Agent | affected 5.x prior to 5.3.4 |
References
RHSA-2018:2927
vendor-advisory
x_refsource_REDHAT
https://puppet.com/security/cve/CVE-2017-10690
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now