VYPR
High severity8.8NVD Advisory· Published Aug 9, 2017· Updated Jun 17, 2026

CVE-2016-5716

CVE-2016-5716

Description

The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 includes unsafe string reads that potentially allows for remote code execution on the console node.

Affected products

14
  • cpe:2.3:a:puppet:puppet_enterprise:2015.2.0:*:*:*:*:*:*:*+ 13 more
    • cpe:2.3:a:puppet:puppet_enterprise:2015.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:puppet:puppet_enterprise:2015.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:puppet:puppet_enterprise:2015.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:puppet:puppet_enterprise:2015.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:puppet:puppet_enterprise:2015.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:puppet:puppet_enterprise:2015.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:puppet:puppet_enterprise:2015.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:puppet:puppet_enterprise:2015.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:puppet:puppet_enterprise:2016.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:puppet:puppet_enterprise:2016.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:puppet:puppet_enterprise:2016.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:puppet:puppet_enterprise:2016.2.1:*:*:*:*:*:*:*
    • (no CPE)range: <2016.4.0
    • (no CPE)range: PE < 2016.4.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.