Back to search
CVE-2017-2296
Published: Feb 1, 2018
Modified: Sep 17, 2024
PUBLISHED
Description
In Puppet Enterprise 2017.1.x and 2017.2.1, using specially formatted strings with certain formatting characters as Classifier node group names or RBAC role display names causes errors, effectively causing a DOS to the service. This was resolved in Puppet Enterprise 2017.2.2.
| Vendor | Product | Versions |
|---|---|---|
Puppet | Puppet Enterprise | affected 2017.1.x, 2017.2.1. Fixed in 2017.2.2 |
References
https://puppet.com/security/cve/cve-2017-2296
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now