Unrated severityNVD Advisory· Published Feb 9, 2018· Updated Sep 16, 2024

CVE-2017-10690

Description

In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from. This was resolved in Puppet Agent 5.3.4, included in Puppet Enterprise 2017.3.4

Affected products

Puppet (software)/Puppet Agentcpe-rescue
Range: 5.x prior to 5.3.4
Puppet (software)/Puppet Enterprisecpe-rescue
Range: 2017.3.x prior to 2017.3.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/errata/RHSA-2018:2927mitrevendor-advisoryx_refsource_REDHAT
puppet.com/security/cve/CVE-2017-10690mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000