Medium severity6.5NVD Advisory· Published Feb 1, 2018· Updated Jun 17, 2026
CVE-2017-2296
CVE-2017-2296
Description
In Puppet Enterprise 2017.1.x and 2017.2.1, using specially formatted strings with certain formatting characters as Classifier node group names or RBAC role display names causes errors, effectively causing a DOS to the service. This was resolved in Puppet Enterprise 2017.2.2.
Affected products
22017.1.x, 2017.2.1+ 1 more
- (no CPE)range: 2017.1.x, 2017.2.1
- (no CPE)range: 2017.1.x, 2017.2.1. Fixed in 2017.2.2
Patches
Vulnerability mechanics
References
1- puppet.com/security/cve/cve-2017-2296nvdVendor Advisory
News mentions
0No linked articles in our index yet.